AOL » Instant Messenger : Security Vulnerabilities, CVEs, (Denial of service)
AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350.
Max CVSS
7.8
EPSS Score
0.95%
Published
2007-06-27
Updated
2017-07-29
AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of spoofed SIP INVITE requests.
Max CVSS
7.8
EPSS Score
1.07%
Published
2007-06-22
Updated
2017-07-29
Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service (client crash) and possibly execute arbitrary code by tricking the user into requesting Buddy Info about a long screen name, which might cause a buffer overflow.
Max CVSS
5.1
EPSS Score
2.40%
Published
2006-02-10
Updated
2018-10-19
AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag.
Max CVSS
5.0
EPSS Score
10.81%
Published
2005-05-18
Updated
2008-09-05
Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy.
Max CVSS
5.0
EPSS Score
0.28%
Published
2002-12-31
Updated
2008-09-05
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.
Max CVSS
5.0
EPSS Score
1.90%
Published
2002-08-12
Updated
2008-09-05
AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of different fonts followed by an HTML HR tag.
Max CVSS
5.0
EPSS Score
2.13%
Published
2001-10-06
Updated
2017-07-11
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow.
Max CVSS
5.0
EPSS Score
2.01%
Published
2005-05-02
Updated
2017-07-11
AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments.
Max CVSS
5.0
EPSS Score
3.32%
Published
2001-10-02
Updated
2017-07-11
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file.
Max CVSS
5.0
EPSS Score
2.13%
Published
2001-10-06
Updated
2017-07-11
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data.
Max CVSS
5.0
EPSS Score
2.06%
Published
2001-10-06
Updated
2017-07-11
Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters.
Max CVSS
5.0
EPSS Score
0.81%
Published
2000-12-11
Updated
2017-10-10
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
Max CVSS
5.0
EPSS Score
0.27%
Published
2000-03-02
Updated
2008-09-10
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
Max CVSS
5.0
EPSS Score
0.27%
Published
1998-02-01
Updated
2022-08-17
14 vulnerabilities found