ReportizFlow
Filtered by vendor Aol
Subscriptions
Filtered by product Instant Messenger
Subscriptions
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1503 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. | ||||
| CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | ||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | ||||
| CVE-2002-0591 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. | ||||
| CVE-2002-2169 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. | ||||
| CVE-2002-1591 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrictions. | ||||
| CVE-2001-1419 | 2 Aol, Cerulean Studios | 2 Instant Messenger, Trillian | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | ||||
| CVE-2001-1421 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of different fonts followed by an HTML HR tag. | ||||
| CVE-2002-0785 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow. | ||||
| CVE-1999-0486 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. | ||||
| CVE-2004-2373 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | ||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | ||||
| CVE-2002-1953 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy. | ||||
| CVE-2002-1813 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. | ||||
| CVE-2005-1655 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. | ||||
| CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | ||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | ||||
| CVE-2000-1093 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command. | ||||
| CVE-2001-1418 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file. | ||||
| CVE-2001-1420 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. | ||||