Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-04/0203.html | Exploit Patch Vendor Advisory |
http://www.securityfocus.com/bid/4526 | Exploit Vendor Advisory |
http://www.iss.net/security_center/static/8870.php | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2002-06-17 21:00
Updated : 2008-09-05 13:28
NVD link : CVE-2002-0591
Mitre link : CVE-2002-0591
JSON object : View
CWE
Products Affected
aol
- instant_messenger