CVE Vulnerabilities

CVE-2002-2169

Published: Dec 31, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a users buddy list, via a URL with a META HTTP-EQUIV=refresh tag to an aim: URL.

Affected Software

Name Vendor Start Version End Version
Instant_messenger Aol 4.5 4.5
Instant_messenger Aol 4.7 4.7
Instant_messenger Aol 4.7.2480 4.7.2480

References