Attackers could exploit a flaw in AOL Security Edition
9.0 to run malicious code on targeted machines, but the supplier
has made a fix available.
The program builds upon Internet Explorer technology to offer
users enhanced security and usability features. A flaw in the
product was discovered by iDefense Labs, a division of
VeriSign.
"America Online 9.0 Security Edition ships with an ActiveX
control which is marked as safe for scripting and contains a buffer
overflow vulnerability," iDefense said in an
advisory. "Exploitation of this
vulnerability is trivial and allows for arbitrary execution of
code as the currently logged-in user."
Users would need to be convinced to go to a malicious website in
order to be exploited, however.
The flaw was confirmed in AOL Security Edition 9.0 with
downloader plug-in version 9.2.3.0. Users of AOL 9.0 or AOL 9.0
Security Edition are advised to log in to the AOL service and a fix
will be seamlessly applied to their system, iDefense said.
Danish vulnerability clearinghouse Secunia rated the flaw
"highly critical" in its
advisory because attackers could exploit it
remotely. Secunia said there are two specific vulnerabilities:
- A boundary error in the YGPPDownload ActiveX control
(YGPPicDownload.dll) that surfaces when processing input passed to
the "AddPictureNoAlbum()" method, which can be exploited to cause a
heap-based buffer overflow.
- A boundary error in the YGPPDownload ActiveX control
(YGPPicDownload.dll) when processing input passed to the
"downloadFileDirectory" property, which can also be exploited to
cause a heap-based buffer overflow.
"Successful exploitation of the vulnerabilities allows execution
of arbitrary code," Secunia said.