Vulnerability Description
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aol | Aol Client Software | 7.0_4114.563 |
Related Weaknesses (CWE)
References
- http://attrition.org/pipermail/vim/2006-December/001173.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051230.html
- http://secunia.com/advisories/23043Vendor Advisory
- http://secunia.com/secunia_research/2006-69/advisory/Vendor Advisory
- http://securitytracker.com/id?1017357
- http://www.securityfocus.com/archive/1/454105/100/0/threaded
- http://www.securityfocus.com/bid/21488
- http://www.vupen.com/english/advisories/2006/4904Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30790
- http://attrition.org/pipermail/vim/2006-December/001173.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051230.html
- http://secunia.com/advisories/23043Vendor Advisory
- http://secunia.com/secunia_research/2006-69/advisory/Vendor Advisory
- http://securitytracker.com/id?1017357
- http://www.securityfocus.com/archive/1/454105/100/0/threaded
FAQ
What is CVE-2006-6442?
CVE-2006-6442 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Se...
How severe is CVE-2006-6442?
CVE-2006-6442 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6442?
Check the references section above for vendor advisories and patch information. Affected products include: Aol Aol Client Software.