Intrusion Prevention



This indicates a possible exploit of a buffer overflow vulnerability in the "AOL.PicDownloadCtrl.1" ActiveX control (YGPPicDownload.dll).
This issue is due to buffer overflow errors in the "YGPPDownload" ActiveX control when processing malformed arguments passed to the "AddPictureNoAlbum()" method and the "downloadFileDirectory" property.

Affected Products

AOL version 9.0 and prior.
AOL version 9.0 (Security Edition) and prior.


The execution of arbitrary code on the system.

Recommended Actions

Log in to the AOL service to apply patches automatically :

CVE References

CVE-2006-5502 CVE-2006-5501