Notified: December 08, 2006 Updated: December 08, 2006
Affected
Overview AOL has recently been made aware of a security vulnerability present in the AOL CDDB ActiveX control. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Affected Products and Applications All AOL software versions are affected by this issue. Solutions 1. Users of AOL 9.0 or AOL 9.0 Security Edition are recommended to log in to the AOL service and a fix will be seamlessly applied to their system. 2. Users using versions of AOL that are older than 9.0 are strongly recommended to upgrade to the latest version of AOL 9.0 Security Edition. Acknowledgments AOL would like to thank Secunia for their efforts in identifying and responsibly reporting this issue.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 11, 2006 Updated: June 28, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see the Gracenote Security Update for details.
Notified: March 20, 2006 Updated: June 29, 2006
Affected
Nokia has discovered a vulnerability in the PC Suite software versions 6.7 and 6.8. The vulnerability which is related to ActiveX environment creates a security hole in PC Suite rendering the user's computer system vulnerable to harmful attack. In case ActiveX is not activated in the user's system, the system remains intact and is not vulnerable to attacks via this hole. So far, Nokia has no knowledge of anyone having been impacted by this vulnerability. Nokia began investigating the vulnerability as soon as it was discovered, and developed an updated version of the software that will solve the issue. The security update is now available for users at http://www.nokia.com/pcsuite . The update is also being pushed directly to those users of the Nokia PC Suite who are connected to the Internet and who have permitted the update feature. Nokia takes all security issues seriously, and we constantly develop and integrate advanced security features in our products. The vulnerability discovered in PC Suite versions 6.7 and 6.8 did not affect mobile devices, but it formed a potential risk to the user's computer system. All PC Suite users using either of the affected versions are strongly encouraged to download the security update to their system.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: March 15, 2006 Updated: June 27, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see the Gracenote Security Update for details.