CVSS: 10.0EPSS: 93%CPEs: 3EXPL: 3CVE-2004-0636 – AOL Instant Messenger AIM - 'Away' Message Local Overflow
https://notcve.org/view.php?id=CVE-2004-0636
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. Desbordamiento de búfer en la función goaway en el manejador de URI aim:goaway en AOL Instant Messenger (AIM) 5.5, incluyendo 5.5.3595, permite a atacantes remotos ejecutar código de su elección mediante un mensaje "Away" largo. • https://www.exploit-db.com/exploits/395 https://www.exploit-db.com/exploits/431 https://www.exploit-db.com/exploits/16525 http://secunia.com/advisories/12198 http://www.idefense.com/application/poi/display?id=121&type=vulnerabilities http://www.kb.cert.org/vuls/id/735966 https://exchange.xforce.ibmcloud.com/vulnerabilities/16926 •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2003-1503
https://notcve.org/view.php?id=CVE-2003-1503
Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. • http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0059.html http://www.digitalpranksters.com/advisories/aol/AIMProtocolBO.html http://www.securityfocus.com/bid/8825 https://exchange.xforce.ibmcloud.com/vulnerabilities/13443 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 3CVE-2002-2169 – AOL Instant Messenger 4.x - Unauthorized Actions
https://notcve.org/view.php?id=CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. • https://www.exploit-db.com/exploits/21619 http://online.securityfocus.com/archive/1/282443 http://www.iss.net/security_center/static/9616.php http://www.mindflip.org/aim.html http://www.securityfocus.com/bid/5246 •
CVSS: 2.6EPSS: 2%CPEs: 4EXPL: 3CVE-2002-1813 – AOL Instant Messenger 4.8.2790 - Local File Execution
https://notcve.org/view.php?id=CVE-2002-1813
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. • https://www.exploit-db.com/exploits/21958 http://archives.neohapsis.com/archives/bugtraq/2002-10/0319.html http://www.iss.net/security_center/static/10441.php http://www.securityfocus.com/bid/6027 •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1CVE-2002-1953
https://notcve.org/view.php?id=CVE-2002-1953
Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy. • http://online.securityfocus.com/archive/1/288980 http://www.iss.net/security_center/static/9950.php http://www.securityfocus.com/bid/5492 •