Vulnerability Details : CVE-2006-3888
Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.
Vulnerability category: OverflowExecute code
Products affected by CVE-2006-3888
- cpe:2.3:a:aol:ygp_pic_downloader_activex_control:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3888
30.85%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-3888
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-3888
-
http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8
-
http://www.kb.cert.org/vuls/id/661524
US Government Resource
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420
-
http://www.securityfocus.com/bid/20425
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29410
-
http://securitytracker.com/id?1017024
-
http://www.vupen.com/english/advisories/2006/3967
-
http://www.securityfocus.com/bid/20472
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29494
Jump to