Vulnerability Details CVE-2001-1419
AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.071
EPSS Ranking 91.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0014.html
- http://www.kb.cert.org/vuls/id/507771
- http://www.kb.cert.org/vuls/id/JARL-56TPTN
- http://www.securityfocus.com/archive/1/247707
- http://www.securityfocus.com/bid/3398
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7233
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0014.html
- http://www.kb.cert.org/vuls/id/507771
- http://www.kb.cert.org/vuls/id/JARL-56TPTN
- http://www.securityfocus.com/archive/1/247707
- http://www.securityfocus.com/bid/3398
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7233
Products affected by CVE-2001-1419
-
cpe:2.3:a:aol:instant_messenger:4.0
-
cpe:2.3:a:aol:instant_messenger:4.1
-
cpe:2.3:a:aol:instant_messenger:4.2
-
cpe:2.3:a:aol:instant_messenger:4.3
-
cpe:2.3:a:aol:instant_messenger:4.3.2229
-
cpe:2.3:a:aol:instant_messenger:4.4
-
cpe:2.3:a:aol:instant_messenger:4.5
-
cpe:2.3:a:aol:instant_messenger:4.6
-
cpe:2.3:a:aol:instant_messenger:4.7
-
cpe:2.3:a:aol:instant_messenger:4.7.2480
-
cpe:2.3:a:cerulean_studios:trillian:0.6351