CVE-2001-1420
https://notcve.org/view.php?id=CVE-2001-1420
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. • http://www.kb.cert.org/vuls/id/972499 http://www.kb.cert.org/vuls/id/JARL-569MEK http://www.securityfocus.com/archive/1/218920 http://www.securityfocus.com/bid/3407 https://exchange.xforce.ibmcloud.com/vulnerabilities/7254 •
CVE-2004-2373 – AOL Instant Messenger 4.x/5.x - Buddy Icon Predictable File Location
https://notcve.org/view.php?id=CVE-2004-2373
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. • https://www.exploit-db.com/exploits/23730 http://www.securityfocus.com/archive/1/354448 http://www.securityfocus.com/bid/9698 https://exchange.xforce.ibmcloud.com/vulnerabilities/15310 •
CVE-2004-0636 – AOL Instant Messenger AIM - 'Away' Message Local Overflow
https://notcve.org/view.php?id=CVE-2004-0636
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. Desbordamiento de búfer en la función goaway en el manejador de URI aim:goaway en AOL Instant Messenger (AIM) 5.5, incluyendo 5.5.3595, permite a atacantes remotos ejecutar código de su elección mediante un mensaje "Away" largo. • https://www.exploit-db.com/exploits/395 https://www.exploit-db.com/exploits/431 https://www.exploit-db.com/exploits/16525 http://secunia.com/advisories/12198 http://www.idefense.com/application/poi/display?id=121&type=vulnerabilities http://www.kb.cert.org/vuls/id/735966 https://exchange.xforce.ibmcloud.com/vulnerabilities/16926 •
CVE-2003-1503
https://notcve.org/view.php?id=CVE-2003-1503
Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. • http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0059.html http://www.digitalpranksters.com/advisories/aol/AIMProtocolBO.html http://www.securityfocus.com/bid/8825 https://exchange.xforce.ibmcloud.com/vulnerabilities/13443 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2002-1813 – AOL Instant Messenger 4.8.2790 - Local File Execution
https://notcve.org/view.php?id=CVE-2002-1813
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. • https://www.exploit-db.com/exploits/21958 http://archives.neohapsis.com/archives/bugtraq/2002-10/0319.html http://www.iss.net/security_center/static/10441.php http://www.securityfocus.com/bid/6027 •