AOL Desktop .rtx File Buffer Overflow
Added: 03/18/2011BID: 46129
OSVDB: 70741
Background
AOL Desktop is an internet suite that integrates a web browser, media player, and IM client.Problem
A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properly validate the length of the "HREF" attribute in "A" tags.Resolution
This vulnerability has not been patched by the vendor.References
http://secunia.com/advisories/43136/Limitations
This exploit works against AOL Desktop 9.6 running on Microsoft Windows XP SP3 English (DEP OptIn).Platforms
Windows XPWindows Vista / Windows 7
Back to exploit index