vendor:
AOL Products downloadUpdater2 Plugin
by:
7.5
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: AOL Products downloadUpdater2 Plugin
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
By embedding the npdnupdater2.dll plugin inside an html page, it is possible to trigger a buffer overflow vulnerability through the 'SRC' parameter. This can lead to remote code execution.
Mitigation:
Update to the latest version of the AOL Products downloadUpdater2 Plugin. Avoid visiting untrusted websites or clicking on suspicious links.
