CVE-2010-1374
https://notcve.org/view.php?id=CVE-2010-1374
Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation. Vulnerabilidad de salto de directorio en iChat en Apple Mac OS X v10.5.8 y v10.6 antes de v10.6.4, cuando el objetivo se utiliza, permite a atacantes remotos crear ficheros arbitrarios mediante secuencias de salto de directorio en una operación de transferencia de un archivo de imagen. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://secunia.com/advisories/40220 http://securitytracker.com/id?1024103 http://support.apple.com/kb/HT4188 http://www.securityfocus.com/bid/40871 http://www.vupen.com/english/advisories/2010/1481 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2005-1891
https://notcve.org/view.php?id=CVE-2005-1891
The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. • http://marc.info/?l=bugtraq&m=111816939928640&w=2 http://marc.info/?l=bugtraq&m=111817881214343&w=2 http://securitytracker.com/id?1014145 http://www.securityfocus.com/bid/13880 • CWE-191: Integer Underflow (Wrap or Wraparound) •