CVE-2006-5820

EXPLOITED

AOL 9.0 Security Edition - Remote Code Execution via SuperBuddy ActiveX Control

Title source: llm

Exploitation Summary

CVE-2006-5820 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Krad Chad.

AI-analyzed exploit summary This exploit targets a vulnerability in AOL Sb.SuperBuddy (CVE-2006-5820) by leveraging a heap spray technique and ActiveX control manipulation to achieve remote code execution. The exploit delivers a payload via a malicious HTML page, triggering the vulnerability when the victim visits the page.

Description

The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Krad Chad · rubyremotewindows

https://www.exploit-db.com/exploits/3662

View Code ZIP pw:eip

This exploit targets a vulnerability in AOL Sb.SuperBuddy (CVE-2006-5820) by leveraging a heap spray technique and ActiveX control manipulation to achieve remote code execution. The exploit delivers a payload via a malicious HTML page, triggering the vulnerability when the victim visits the page.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AOL Sb.SuperBuddy.1 ActiveX Control

No auth needed

Prerequisites: Victim must visit a malicious webpage · AOL Sb.SuperBuddy.1 ActiveX Control must be installed

MITRE ATT&CK