Product: AOL 9.5 Vulnerability: File Parsing Heap-based Buffer Overflow Description: Hellcode Research has discovered a heap overflow vulnerability in AOL 9.5 Opening a malformed vCard file (.vcf) with AOL 9.5 causes a crash on "waol.exe" Successful exploitation may allow execution of arbitrary code. Credits: Discovered by Celil 'karak0rsan' Unuver and murderkey from Hellcode Research http://tcc.hellcode.net Original Advisory: http://tcc.hellcode.net/advisories/hellcode-adv009.txt