AOL SuperBuddy ActiveX Control Remote Code Execution Vulnerability
Affected:
AOL versions 9.x
AOL SuperBuddy ActiveX 9.x
Description: The “SuperBuddy” ActiveX control (ProgID “Sb.SuperBuddy.1”, implemented in sb.dll), shipped with the America Online (AOL) software package, contains a vulnerability that can be triggered by a malicious web page that instantiates the control. The specific flaw is a memory corruption error in the control’s “SetSuperBuddy()” ActiveX method. An attacker who passes malformed arguments to “SetSuperBuddy()” might exploit this vulnerability; successful exploitation might allow the attacker to execute arbitrary code in the context of the logged-on user. Full technical details for this vulnerability are publicly available along with a proof of concept.
Status: The vendor has not confirmed the issue and no updates are available. Users can mitigate the impact of this vulnerability by disabling the control via Microsoft’s “kill bit” mechanism for CLSID 189504B8-50D1-4AA8-B4D6-95C8F58A6414.
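The kill-bit mitigation above, as an added example (not part of the advisory or of any vendor tooling): it sets the “Compatibility Flags” kill bit (0x400, per Microsoft KB 240797) for the SuperBuddy CLSID in both registry views and then verifies the result. It assumes an elevated PowerShell session on the affected Windows machine.

```powershell
# Added example: set the Internet Explorer ActiveX "kill bit" for the
# SuperBuddy control (CLSID from the advisory) so IE refuses to instantiate it.
# Mechanism per KB 240797: DWORD "Compatibility Flags" with bit 0x400 set under
# "ActiveX Compatibility\{CLSID}". Run from an elevated (Administrator) session.

$Clsid   = '{189504B8-50D1-4AA8-B4D6-95C8F58A6414}'
$KillBit = 0x400

# Informational: is the control even registered on this machine?
$Registered = Test-Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
"SuperBuddy control registered: $Registered"

# Native hive, plus the Wow6432Node hive used by 32-bit IE on 64-bit Windows.
$Paths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid")
if ([Environment]::Is64BitOperatingSystem) {
    $Paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
}

foreach ($Path in $Paths) {
    if (-not (Test-Path $Path)) {
        New-Item -Path $Path -Force | Out-Null
    }
    # Preserve any compatibility flags already present; only OR in the kill bit.
    $Current = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags' `
                -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $Current) { $Current = 0 }
    $New = $Current -bor $KillBit
    New-ItemProperty -Path $Path -Name 'Compatibility Flags' -Value $New `
                     -PropertyType DWord -Force | Out-Null
}

# Verify: the bit must be set in every view, otherwise the mitigation is incomplete.
foreach ($Path in $Paths) {
    $Flags = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags').'Compatibility Flags'
    $IsSet = ($Flags -band $KillBit) -eq $KillBit
    "{0}`n  Compatibility Flags = 0x{1:X}  kill bit set: {2}" -f $Path, $Flags, $IsSet
}
```

The kill bit only blocks instantiation through Internet Explorer and other hosts that honour ActiveX Compatibility flags; it does not remove sb.dll from the system.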
References:
Microsoft Knowledge Base Article (details the “kill bit” mechanism)
http://support.microsoft.com/kb/240797
Vendor Home Page
http://www.aol.com/
SecurityFocus BID
http://www.securityfocus.com/bid/36580