Aol: >> Instant Messenger >> 5.0.2938 Security Vulnerabilities
AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag.
CVSS Score
5.0
EPSS Score
0.034
Published
2005-05-18
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
CVSS Score
7.5
EPSS Score
0.031
Published
2004-12-31
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link.
CVSS Score
2.6
EPSS Score
0.031
Published
2002-12-31