Vulnerability Details CVE-2004-2373
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.0%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2004-2373
-
cpe:2.3:a:aol:instant_messenger:4.3
-
cpe:2.3:a:aol:instant_messenger:4.3.2229
-
cpe:2.3:a:aol:instant_messenger:4.4
-
cpe:2.3:a:aol:instant_messenger:4.5
-
cpe:2.3:a:aol:instant_messenger:4.6
-
cpe:2.3:a:aol:instant_messenger:4.7
-
cpe:2.3:a:aol:instant_messenger:4.7.2480
-
cpe:2.3:a:aol:instant_messenger:4.8.2616
-
cpe:2.3:a:aol:instant_messenger:4.8.2646
-
cpe:2.3:a:aol:instant_messenger:4.8.2790
-
cpe:2.3:a:aol:instant_messenger:5.0.2938
-
cpe:2.3:a:aol:instant_messenger:5.1.3036
-
cpe:2.3:a:aol:instant_messenger:5.2.3292
-
cpe:2.3:a:aol:instant_messenger:5.5
-
cpe:2.3:a:aol:instant_messenger:5.5.3415_beta