Attackers could exploit a flaw in AOL Security Edition 9.0 to run malicious code on targeted machines, but the vendor has made a fix available.
The program builds upon Internet Explorer technology to offer users enhanced security and usability features. A flaw in the product was discovered by Reston, Va.-based iDefense Labs, a division of VeriSign Inc.
"America Online 9.0 Security Edition ships with an ActiveX control which is marked as safe for scripting and contains a buffer overflow vulnerability," iDefense said in an advisory. "Exploitation of this vulnerability is trivial and allows for arbitrary execution of code as the currently logged-in user."
Users would need to be convinced to go to a malicious Web site in order to be exploited, however.
The flaw was confirmed in AOL Security Edition 9.0 with downloader plug-in version 126.96.36.199. Users of AOL 9.0 or AOL 9.0 Security Edition are advised to log in to the AOL service and a fix will be seamlessly applied to their system, iDefense said.
Danish vulnerability clearinghouse Secunia rated the flaw "highly critical" in its advisory because attackers could exploit it remotely. Secunia said there are two specific vulnerabilities:
- A boundary error in the YGPPDownload ActiveX control (YGPPicDownload.dll) that surfaces when processing input passed to the "AddPictureNoAlbum()" method, which can be exploited to cause a heap-based buffer overflow.
- A boundary error in the YGPPDownload ActiveX control (YGPPicDownload.dll) when processing input passed to the "downloadFileDirectory" property, which can also be exploited to cause a heap-based buffer overflow.
"Successful exploitation of the vulnerabilities allows execution of arbitrary code," Secunia said.