Page 2 of 31 results (0.007 seconds)

CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0

Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation. Vulnerabilidad de salto de directorio en AOL Instant Messenger (AIM) 5.9 y anteriores, e ICQ 5.1 y probablemente anteriores permite a atacantes remotos con la complicidad del usuario mediante secuencias .. (punto punto) en un nombre de fichero en una operación de transferencia de fichero. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=508 http://secunia.com/advisories/24747 http://secunia.com/advisories/24803 http://www.securityfocus.com/bid/23391 http://www.securitytracker.com/id?1017890 http://www.securitytracker.com/id?1017891 http://www.vupen.com/english/advisories/2007/1306 http://www.vupen.com/english/advisories/2007/1307 https://exchange.xforce.ibmcloud.com/vulnerabilities/33538 •

CVSS: 5.1EPSS: 2%CPEs: 1EXPL: 0

Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service (client crash) and possibly execute arbitrary code by tricking the user into requesting Buddy Info about a long screen name, which might cause a buffer overflow. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0948.html http://www.securityfocus.com/archive/1/423906/100/0/threaded http://www.securityfocus.com/archive/1/423920/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/24362 •

CVSS: 5.0EPSS: 2%CPEs: 36EXPL: 2

AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. • https://www.exploit-db.com/exploits/25633 http://www.securityfocus.com/bid/13553 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. • http://www.kb.cert.org/vuls/id/972499 http://www.kb.cert.org/vuls/id/JARL-569MEK http://www.securityfocus.com/archive/1/218920 http://www.securityfocus.com/bid/3407 https://exchange.xforce.ibmcloud.com/vulnerabilities/7254 •

CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 2

The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. • https://www.exploit-db.com/exploits/23730 http://www.securityfocus.com/archive/1/354448 http://www.securityfocus.com/bid/9698 https://exchange.xforce.ibmcloud.com/vulnerabilities/15310 •