Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Instant_messenger | Aol | 4.2 | 4.2 |
Instant_messenger | Aol | 4.0 | 4.0 |
Instant_messenger | Aol | 4.5 | 4.5 |
Instant_messenger | Aol | 4.3 | 4.3 |
Instant_messenger | Aol | 4.8_beta | 4.8_beta |
Instant_messenger | Aol | 4.6 | 4.6 |
Instant_messenger | Aol | 4.7 | 4.7 |
Instant_messenger | Aol | 4.4 | 4.4 |
Instant_messenger | Aol | 4.1 | 4.1 |