Vulnerabilities > CVE-2004-2373 - Unspecified vulnerability in AOL Instant Messenger

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
aol
exploit available

Summary

The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.

Exploit-Db

descriptionAOL Instant Messenger 4.x/5.x Buddy Icon Predictable File Location Weakness. CVE-2004-2373. Remote exploit for windows platform
idEDB-ID:23730
last seen2016-02-02
modified2004-02-19
published2004-02-19
reporterMichael Evanchik
sourcehttps://www.exploit-db.com/download/23730/
titleAOL Instant Messenger 4.x/5.x Buddy Icon Predictable File Location Weakness