Computer Security
[EN] no-pyccku

AOL Instant messenger code execution
updated since 26.09.2007
SecurityVulns ID:8192
Threat Level:
Description:Microsoft Internet Explorer control is used for HTML content rendering without limiting zone access.
Affected:AOL : Instant Messenger 6.1
 AOL : Instant Messenger 6.2
CVE:CVE-2007-4901 (Unspecified vulnerability in AOL Instant Messenger (AIM) allows remote attackers to write arbitrary HTML to a notification window via unspecified vectors in circumstances "when the window of origin is not the main focus.")
Original documentdocumentevanchik_(at), America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution (24.12.2007)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software (26.09.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod