ReportizFlow
Filtered by vendor Aol
Subscriptions
Filtered by product Instant Messenger
Subscriptions
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1000 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters. | ||||
| CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | ||||
| CVE-2001-1419 | 2 Aol, Cerulean Studios | 2 Instant Messenger, Trillian | 2025-04-03 | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | ||||
| CVE-2004-2373 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | ||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | ||||
| CVE-2002-0785 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow. | ||||
| CVE-2002-1953 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy. | ||||
| CVE-2002-2169 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. | ||||
| CVE-2002-1591 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrictions. | ||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | ||||
| CVE-1999-0486 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. | ||||