Vulnerabilities > CVE-2002-0591 - Unspecified vulnerability in AOL Instant Messenger

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
aol
exploit available

Summary

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.

Exploit-Db

descriptionAOL Instant Messenger 4.x Arbitrary File Creation Vulnerability. CVE-2002-0591. Remote exploit for windows platform
idEDB-ID:21386
last seen2016-02-02
modified2002-04-17
published2002-04-17
reporterNoah Johnson
sourcehttps://www.exploit-db.com/download/21386/
titleAOL Instant Messenger 4.x - Arbitrary File Creation Vulnerability