Search:Software:Instant Messenger 4.8 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Program execution via AIM
document If user clicks on link to local executable it will be launched.

8! Buffer overflow in AOL Instant Messanger
updated since 03.01.2002
Buffer overflow on game request processing. Array boundary tracersal on aim: URL processing.

File send interception in AIM
Durig file trasmitio icomig connection is accepted without additioal user or IP validation.

6! Directory traversal in AIM direct conect
document During direct connect it's possible to send a file with a name containing "../"