Page 7 of 60 results (0.004 seconds)

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. • http://www.kb.cert.org/vuls/id/972499 http://www.kb.cert.org/vuls/id/JARL-569MEK http://www.securityfocus.com/archive/1/218920 http://www.securityfocus.com/bid/3407 https://exchange.xforce.ibmcloud.com/vulnerabilities/7254 •

CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 2

The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. • https://www.exploit-db.com/exploits/23730 http://www.securityfocus.com/archive/1/354448 http://www.securityfocus.com/bid/9698 https://exchange.xforce.ibmcloud.com/vulnerabilities/15310 •

CVSS: 10.0EPSS: 93%CPEs: 3EXPL: 3

Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. Desbordamiento de búfer en la función goaway en el manejador de URI aim:goaway en AOL Instant Messenger (AIM) 5.5, incluyendo 5.5.3595, permite a atacantes remotos ejecutar código de su elección mediante un mensaje "Away" largo. • https://www.exploit-db.com/exploits/395 https://www.exploit-db.com/exploits/431 https://www.exploit-db.com/exploits/16525 http://secunia.com/advisories/12198 http://www.idefense.com/application/poi/display?id=121&type=vulnerabilities http://www.kb.cert.org/vuls/id/735966 https://exchange.xforce.ibmcloud.com/vulnerabilities/16926 •

CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0

Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. • http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0059.html http://www.digitalpranksters.com/advisories/aol/AIMProtocolBO.html http://www.securityfocus.com/bid/8825 https://exchange.xforce.ibmcloud.com/vulnerabilities/13443 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 3

Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. • https://www.exploit-db.com/exploits/21619 http://online.securityfocus.com/archive/1/282443 http://www.iss.net/security_center/static/9616.php http://www.mindflip.org/aim.html http://www.securityfocus.com/bid/5246 •