Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Instant_messenger | Aol | 4.7.2480 (including) | 4.7.2480 (including) |
| Instant_messenger | Aol | 4.8.2616 (including) | 4.8.2616 (including) |
| Instant_messenger | Aol | 4.8.2646 (including) | 4.8.2646 (including) |
| Instant_messenger | Aol | 5.0.2938 (including) | 5.0.2938 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0319.html
- http://www.iss.net/security_center/static/10441.php
- http://www.securityfocus.com/bid/6027
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0319.html
- http://www.iss.net/security_center/static/10441.php
- http://www.securityfocus.com/bid/6027