CVE-2007-5755

AOL Radio - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods.

Exploits (1)

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/aol_ampx_convertfile.rb

View Code ZIP pw:eip

References (7)

[Patch] http://www.securityfocus.com/bid/26396

[Patch, Vendor Advisory] http://secunia.com/advisories/27622

[Third Party Advisory, VDB Entry] http://osvdb.org/38705

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=623

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018929

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/38397

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/3822

Scores

EPSS 0.5596

EPSS Percentile 98.1%

Details

CWE

CWE-119

Status published

Products (1)

aol/radio

Published Nov 14, 2007

Tracked Since Feb 18, 2026