CVE-2010-10015

Public Exploit
AOL <= 9.5 Phobos.Playlist 'Import()' Stack-Based Buffer Overflow

Description

AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained.

Category

8.4
CVSS
Severity: High
CVSS 4.0 •
EPSS 0.11%
Third-Party Advisory broadcom.com Third-Party Advisory fortiguard.com Third-Party Advisory vulncheck.com
Affected: AOL AOL
Published at:
Updated at:

References

Link Tags
https://web.archive.org/web/20100804162117/http://www.rec-sec.com/2010/01/25/aol-playlist-class-buffer-overflow/ exploit technical description
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/aol_phobos_bof.rb exploit
https://www.exploit-db.com/exploits/11204 exploit
https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26569 third party advisory
https://www.fortiguard.com/encyclopedia/ips/32026/aol-phobos-dll-activex-control-import-buffer-overflow third party advisory
https://appdb.winehq.org/objectManager.php?sClass=version&iId=20354 product
http://www.exploit-db.com/exploits/11190 exploit
https://www.vulncheck.com/advisories/aol-phobos-playlist-import-stack-based-buffer-overflow third party advisory
https://www.exploit-db.com/exploits/11190

Frequently Asked Questions

What is the severity of CVE-2010-10015?
CVE-2010-10015 has been scored as a high severity vulnerability.
How to fix CVE-2010-10015?
To fix CVE-2010-10015, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2010-10015 being actively exploited in the wild?
It is possible that CVE-2010-10015 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2010-10015?
CVE-2010-10015 affects AOL AOL.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.