Vulnerability in Aol Instant_messenger
CVE-2004-2373
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
EPSS: 0.027 (84.1th percentile) — read the EPSS interpretation.
Affected products
- Aol Instant_messenger — versions 4.3, 4.3.2229, 4.4
- N/a — versions n/a
References
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)