AOL : Security Vulnerabilities, CVEs, Published In April 2007
Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation.
Max CVSS
4.3
EPSS Score
2.35%
Published
2007-04-10
Updated
2017-07-29
The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.
Max CVSS
9.3
EPSS Score
59.67%
Published
2007-04-02
Updated
2018-10-17
2 vulnerabilities found