Description
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
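To illustrate the defect class the advisory describes, here is an added example (not code from AOL Desktop or from any of the referenced exploits) of a hyperlink-tag parser in C that checks the target length before copying it into a fixed-size stack buffer; the `<link>` tag syntax and the buffer size are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed size for the fixed stack buffer that receives a link target.
 * It stands in for the buffer in rich.rct; the real size is not on the page. */
#define LINK_MAX 64

enum link_result { LINK_OK = 0, LINK_NO_TAG = 1, LINK_TOO_LONG = 2 };

/* Copy the target of a <link>...</link> tag into out (the tag syntax is an
 * assumption standing in for the .rtx hyperlink tag).  The advisory's bug is
 * the equivalent of  strcpy(out, start);  with no length check, so a target
 * longer than the buffer overwrites the stack.  Here the length is checked
 * before the copy and oversized input is rejected rather than truncated. */
enum link_result parse_link(const char *rtx, char *out, size_t out_len)
{
    const char *open = "<link>", *close = "</link>";
    const char *start = strstr(rtx, open);
    if (start == NULL) return LINK_NO_TAG;
    start += strlen(open);
    const char *end = strstr(start, close);
    if (end == NULL) return LINK_NO_TAG;
    size_t n = (size_t)(end - start);
    if (n >= out_len) return LINK_TOO_LONG;   /* leave room for the NUL */
    memcpy(out, start, n);
    out[n] = '\0';
    return LINK_OK;
}

/* Parse into a LINK_MAX-byte stack buffer, the pattern the advisory describes,
 * and report whether the input was accepted. */
enum link_result check_rtx(const char *rtx)
{
    char target[LINK_MAX];
    return parse_link(rtx, target, sizeof target);
}

int main(void)
{
    /* Constructed sample: a link target far longer than LINK_MAX. */
    char rtx[512] = "<link>";
    memset(rtx + 6, 'A', 400);
    strcpy(rtx + 406, "</link>");
    printf("short link: %d\n", check_rtx("<link>http://example.com/</link>"));
    printf("long link:  %d\n", check_rtx(rtx));
    return 0;
}
```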
CVSS breakdown
CVSS 4.0
- Attack Vector: Local
- Attack Complexity: Low
- Attack Requirements: None
- Privileges Required: None
- User Interaction: Active
- Confidentiality (Vulnerable System): High
- Integrity (Vulnerable System): High
- Availability (Vulnerable System): High
- Confidentiality (Subsequent System): None
- Integrity (Subsequent System): None
- Availability (Subsequent System): None
Affected products
- AOL Inc. / AOL Desktop, versions 0 – 9.6
References
- EXPLOIT: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/aol_desktop_linktag.rb
- EXPLOIT: https://www.exploit-db.com/exploits/16085
- EXPLOIT: https://www.exploit-db.com/exploits/16107
- EXPLOIT: https://www.exploit-db.com/exploits/17150
- MISC: https://www.fortiguard.com/encyclopedia/ips/26516
- VENDOR_ADVISORY: https://www.vulncheck.com/advisories/aol-desktop-rtx-stack-based-buffer-overflow