Security hole in AOL ActiveX module
Security vendor Secunia has discovered a security hole in AOL's access software. Attackers can use specially crafted websites to inject and execute arbitrary program code. The bug lies in CDDBControlAOL, an ActiveX module installed by the access software.
A buffer overflow can occur in that ActiveX component when it processes overly long values passed to the SetClientInfo() function. For the attack to work, however, an undisclosed registry key must contain the value "1111", which is not the default. A manipulated website can arrange for this automatically by first instantiating the CerberusCDPlayer ActiveX module, which the AOL software also installs.
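Because the attack chains two browser-instantiable ActiveX controls, the standard defensive check on an affected machine is whether Internet Explorer's "kill bit" blocks those controls from being scripted until the update described below has been applied. The script that follows is an added example written for this page, not code from the article, Secunia or AOL. It assumes the documented kill-bit mechanism (the `Compatibility Flags` DWORD under `HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}`, bit 0x400); the CLSID it uses is a placeholder, since the article does not give the CLSIDs of CDDBControlAOL or CerberusCDPlayer, and the function names are the author's own.

```powershell
# Added example (not from the article): check and, if needed, set the IE ActiveX
# kill bit for a control so that web pages can no longer instantiate it.
# The CLSID below is a PLACEHOLDER; the real CLSIDs of CDDBControlAOL and
# CerberusCDPlayer are not given in the article. Look them up under HKCR\CLSID
# on an installation of the affected AOL software.

$KillBit = 0x400   # Compatibility Flags bit that blocks instantiation in Internet Explorer

function Get-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $flags) { return $false }
    return (($flags -band $KillBit) -ne 0)
}

function Set-ActiveXKillBit {
    # Requires an elevated (Administrator) session because it writes under HKLM.
    param([Parameter(Mandatory)][string]$Clsid)
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $current) { $current = 0 }
    # OR the kill bit into any flags already present rather than overwriting them.
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value ($current -bor $KillBit) -Type DWord
}

# Placeholder CLSID, braces included as the registry key name expects.
$targetClsid = '{00000000-0000-0000-0000-000000000000}'
if (Get-ActiveXKillBit -Clsid $targetClsid) {
    "Kill bit already set for $targetClsid"
} else {
    "Kill bit NOT set for $targetClsid; run Set-ActiveXKillBit -Clsid $targetClsid from an elevated session to block it"
}
```

On 64-bit Windows the 32-bit browser reads the same key under `HKLM\SOFTWARE\Wow6432Node\...`, so both hives should be checked. The kill bit only stops the browser from scripting the control; it does not remove the vulnerable code, so it is a stopgap until the updated AOL software is installed.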
The Secunia report states that the defective module is included in AOL access software versions 7.0 Revision 4114.563, 8.0 Revision 4129.230 and 9.0 Security Edition Revision 4156.910. The company suspects that other versions are affected as well. AOL recommends that users still running an older variant update their access software to the current version, 9.0 Security Edition. Those already running the Security Edition need only log on to the AOL service; an updated version with the bug eliminated is then installed automatically.
- AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow, security advisory from Secunia