Filtered by vendor Aol
Subscriptions
Total
60 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0785 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow. | ||||
CVE-2002-0587 | 1 Aol | 1 Aol Server | 2024-08-08 | N/A |
Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | ||||
CVE-2002-0592 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. | ||||
CVE-2002-0591 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. | ||||
CVE-2002-0586 | 1 Aol | 1 Aol Server | 2024-08-08 | N/A |
Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | ||||
CVE-2002-0362 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711. | ||||
CVE-2002-0100 | 1 Aol | 1 Aol Server | 2024-08-08 | N/A |
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file. | ||||
CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | ||||
CVE-2003-1503 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. | ||||
CVE-2004-2373 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | ||||
CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2024-08-08 | N/A |
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | ||||
CVE-2005-2597 | 1 Aol | 1 Aol Client Software | 2024-08-07 | N/A |
AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program. | ||||
CVE-2005-1891 | 2 Aol, Microsoft | 2 Aim, Windows | 2024-08-07 | 7.5 High |
The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. | ||||
CVE-2006-6442 | 1 Aol | 1 Aol Client Software | 2024-08-07 | N/A |
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument. | ||||
CVE-2006-5820 | 1 Aol | 1 Aol | 2024-08-07 | N/A |
The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value. | ||||
CVE-2006-5650 | 1 Aol | 1 Icq | 2024-08-07 | N/A |
The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar. | ||||
CVE-2006-5502 | 1 Aol | 1 Aol | 2024-08-07 | N/A |
Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501. | ||||
CVE-2006-5501 | 1 Aol | 1 Aol | 2024-08-07 | N/A |
Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downloadFileDirectory property, a different vulnerability than CVE-2006-5502. | ||||
CVE-2006-3887 | 1 Aol | 1 Ygp Screensaver Activex Control | 2024-08-07 | N/A |
Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2006-3888 | 1 Aol | 1 Ygp Pic Downloader Activex Control | 2024-08-07 | N/A |
Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method. |