scoutt
01-20-2006, 04:45 PM
(17 January 2006)
A critical buffer overflow flaw in AOL's YGP Picture Finder Tool ActiveX
Control (YGPPicFinder.DLL), which is used by AOL's You've Got Pictures,
could be exploited to execute arbitrary code or cause a
denial-of-service condition. The problem lies in an ActiveX control in
the tool and affects several versions of AOL, including AOL 8.0, 8.0+
and 9.0 Classic. An AOL spokesman said the company became aware of the
issue in July and pushed out a fix to affected members for a few weeks
last fall. Users who did not log in during that period are encouraged
to download a newer version of AOL's client suite or apply a hotfix
patch.
http://www.computerworld.com/printthis/2006/0,4814,107824,00.html
http://www.eweek.com/print_article2/0,1217,a=169374,00.asp
http://www.kb.cert.org/vuls/id/715730
A critical buffer overflow flaw in AOL's YGP Picture Finder Tool ActiveX
Control (YGPPicFinder.DLL), which is used by AOL's You've Got Pictures,
could be exploited to execute arbitrary code or cause a
denial-of-service condition. The problem lies in an ActiveX control in
the tool and affects several versions of AOL, including AOL 8.0, 8.0+
and 9.0 Classic. An AOL spokesman said the company became aware of the
issue in July and pushed out a fix to affected members for a few weeks
last fall. Users who did not log in during that period are encouraged
to download a newer version of AOL's client suite or apply a hotfix
patch.
http://www.computerworld.com/printthis/2006/0,4814,107824,00.html
http://www.eweek.com/print_article2/0,1217,a=169374,00.asp
http://www.kb.cert.org/vuls/id/715730