GCVE - cpe:2.3:a:aol:instant_messenger:4.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:aol:instant_messenger:4.1:*:*:*:*:*:*:*

part: a version: 4.1 update: *

Vendor	Aol (`10d5b003-67b5-5c5d-ad77-b012d557140a`)
Product	Instant Messenger (`69b91a4d-9600-5375-bb8e-9d72d62dfe0e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2005-1655`	vulnerable	2026-06-03 14:26:59.878021	Details available AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. Published: 2005-05-18T04:00:00.000Z Updated: 2024-09-16T23:06:54.294Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/13553	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0785`	vulnerable	2026-06-03 14:26:15.099123	Details available AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T03:03:48.905Z Open on db.gcve.eu Reference links http://www.osvdb.org/5109 http://archives.neohapsis.com/archives/bugtraq/2002-05/0086.html http://www.iss.net/security_center/static/9058.php http://www.securityfocus.com/bid/4709 http://www.kb.cert.org/vuls/id/259435	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0592`	vulnerable	2026-06-03 14:26:14.619342	Details available AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. Published: 2002-06-11T04:00:00.000Z Updated: 2024-08-08T02:56:38.283Z Open on db.gcve.eu Reference links http://online.securityfocus.com/archive/1/269006 https://exchange.xforce.ibmcloud.com/vulnerabilities/8931 http://www.securityfocus.com/bid/4574	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0591`	vulnerable	2026-06-03 14:26:14.609748	Details available Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. Published: 2002-06-11T04:00:00.000Z Updated: 2024-08-08T02:56:38.014Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/8870.php http://www.securityfocus.com/bid/4526 http://archives.neohapsis.com/archives/bugtraq/2002-04/0203.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1419`	vulnerable	2026-06-03 14:26:12.472817	Details available AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. Published: 2005-03-20T05:00:00.000Z Updated: 2024-08-08T04:58:11.364Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/507771 https://exchange.xforce.ibmcloud.com/vulnerabilities/7233 http://www.kb.cert.org/vuls/id/JARL-56TPTN http://www.securityfocus.com/bid/3398 http://www.securityfocus.com/archive/1/247707	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.