← Back

CVE-2002-0591

nvd nist
Published: Jun 18, 2002Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.

Affected (9)

Aol
1 product
Instant Messenger
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Aol
Instant Messenger
Version 4.0
Instant Messenger
Version 4.1
Instant Messenger
Version 4.2
Instant Messenger
Version 4.3
Instant Messenger
Version 4.4
Instant Messenger
Version 4.5
Instant Messenger
Version 4.6
Instant Messenger
Version 4.7
Instant Messenger
Version 4.8_beta

References (6)

Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory

Timeline

No history available yet.