CVE-2007-1904
https://notcve.org/view.php?id=CVE-2007-1904
Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation. Vulnerabilidad de salto de directorio en AOL Instant Messenger (AIM) 5.9 y anteriores, e ICQ 5.1 y probablemente anteriores permite a atacantes remotos con la complicidad del usuario mediante secuencias .. (punto punto) en un nombre de fichero en una operación de transferencia de fichero. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=508 http://secunia.com/advisories/24747 http://secunia.com/advisories/24803 http://www.securityfocus.com/bid/23391 http://www.securitytracker.com/id?1017890 http://www.securitytracker.com/id?1017891 http://www.vupen.com/english/advisories/2007/1306 http://www.vupen.com/english/advisories/2007/1307 https://exchange.xforce.ibmcloud.com/vulnerabilities/33538 •
CVE-2006-0629
https://notcve.org/view.php?id=CVE-2006-0629
Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service (client crash) and possibly execute arbitrary code by tricking the user into requesting Buddy Info about a long screen name, which might cause a buffer overflow. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0948.html http://www.securityfocus.com/archive/1/423906/100/0/threaded http://www.securityfocus.com/archive/1/423920/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/24362 •
CVE-2005-1655 – AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-1655
AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. • https://www.exploit-db.com/exploits/25633 http://www.securityfocus.com/bid/13553 •
CVE-2001-1420
https://notcve.org/view.php?id=CVE-2001-1420
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. • http://www.kb.cert.org/vuls/id/972499 http://www.kb.cert.org/vuls/id/JARL-569MEK http://www.securityfocus.com/archive/1/218920 http://www.securityfocus.com/bid/3407 https://exchange.xforce.ibmcloud.com/vulnerabilities/7254 •
CVE-2004-2373 – AOL Instant Messenger 4.x/5.x - Buddy Icon Predictable File Location
https://notcve.org/view.php?id=CVE-2004-2373
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. • https://www.exploit-db.com/exploits/23730 http://www.securityfocus.com/archive/1/354448 http://www.securityfocus.com/bid/9698 https://exchange.xforce.ibmcloud.com/vulnerabilities/15310 •