Detections
Analytics

CVE-2006-3888

critical

Description

Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29494

https://exchange.xforce.ibmcloud.com/vulnerabilities/29410

http://www.vupen.com/english/advisories/2006/3967

http://www.securityfocus.com/bid/20472

http://www.securityfocus.com/bid/20425

http://www.kb.cert.org/vuls/id/MIMG-6MUUJ8

http://www.kb.cert.org/vuls/id/661524

http://securitytracker.com/id?1017024

http://secunia.com/advisories/22304

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420

Details

Source: Mitre, NVD

Published: 2006-10-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.05766