CVE-2006-5820 Information

Description

The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer which allows remote attackers to execute arbitrary code via a modified pointer value.

Reference

http://osvdb.org/34318 http://secunia.com/advisories/24714 http://securityreason.com/securityalert/2513 http://www.kb.cert.org/vuls/id/478225 http://www.securityfocus.com/archive/1/464313/100/0/threaded http://www.securityfocus.com/bid/23224 http://www.tippingpoint.com/security/advisories/TSRT-07-03.html http://www.vupen.com/english/advisories/2007/1184 https://exchange.xforce.ibmcloud.com/vulnerabilities/33347