Page 6 of 31 results (0.008 seconds)

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags. • http://www.kb.cert.org/vuls/id/541384 http://www.kb.cert.org/vuls/id/JARL-56TPBQ http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 2

Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command. • https://www.exploit-db.com/exploits/20510 http://www.atstake.com/research/advisories/2000/a121200-1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/5732 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters. • http://www.securityfocus.com/archive/1/137374 http://www.securityfocus.com/bid/1747 https://exchange.xforce.ibmcloud.com/vulnerabilities/5314 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. • http://www.securityfocus.com/bid/1180 http://www.securityfocus.com/templates/archive.pike?list=1&msg=002401bfb918%247310d5a0%241ef084ce%40karemor.com •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. • http://archives.neohapsis.com/archives/bugtraq/2000-03/0016.html •