Lucene search

[email protected]CVE-2002-0592

HistoryJun 18, 2002 - 4:00 a.m.

CVE-2002-0592

2002-06-1804:00:00

[email protected]

web.nvd.nist.gov

aim

remote attack

file transfer

vulnerability

port 4443

port 5190

nvd

cve-2002-0592

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.

Affected configurations

NVD

Node

aolinstant_messengerMatch2.0.912

aolinstant_messengerMatch2.0.996

aolinstant_messengerMatch2.0_n

aolinstant_messengerMatch2.1.1236

aolinstant_messengerMatch2.5.1366

aolinstant_messengerMatch2.5.1598

aolinstant_messengerMatch3.0.1415

aolinstant_messengerMatch3.0.1470

aolinstant_messengerMatch3.0_n

aolinstant_messengerMatch3.5.1635

aolinstant_messengerMatch3.5.1670

aolinstant_messengerMatch3.5.1808

aolinstant_messengerMatch3.5.1856

aolinstant_messengerMatch4.0

aolinstant_messengerMatch4.1

aolinstant_messengerMatch4.1.2010

aolinstant_messengerMatch4.2

aolinstant_messengerMatch4.2.1193

aolinstant_messengerMatch4.3

aolinstant_messengerMatch4.3.2229

aolinstant_messengerMatch4.4

aolinstant_messengerMatch4.5

aolinstant_messengerMatch4.6

aolinstant_messengerMatch4.7

aolinstant_messengerMatch4.7.2480

aolinstant_messengerMatch4.8.2616

aolinstant_messengerMatch4.8.2646

CPENameOperatorVersion
aol:instant_messengeraol instant messengereq2.0.912
aol:instant_messengeraol instant messengereq2.0.996
aol:instant_messengeraol instant messengereq2.0_n
aol:instant_messengeraol instant messengereq2.1.1236
aol:instant_messengeraol instant messengereq2.5.1366
aol:instant_messengeraol instant messengereq2.5.1598
aol:instant_messengeraol instant messengereq3.0.1415
aol:instant_messengeraol instant messengereq3.0.1470
aol:instant_messengeraol instant messengereq3.0_n
aol:instant_messengeraol instant messengereq3.5.1635

CPE	Name	Operator	Version
aol:instant_messenger	aol instant messenger	eq	2.0.912
aol:instant_messenger	aol instant messenger	eq	2.0.996
aol:instant_messenger	aol instant messenger	eq	2.0_n
aol:instant_messenger	aol instant messenger	eq	2.1.1236
aol:instant_messenger	aol instant messenger	eq	2.5.1366
aol:instant_messenger	aol instant messenger	eq	2.5.1598
aol:instant_messenger	aol instant messenger	eq	3.0.1415
aol:instant_messenger	aol instant messenger	eq	3.0.1470
aol:instant_messenger	aol instant messenger	eq	3.0_n
aol:instant_messenger	aol instant messenger	eq	3.5.1635

Rows per page:

1-10 of 271

References

online.securityfocus.com/archive/1/269006

www.securityfocus.com/bid/4574

exchange.xforce.ibmcloud.com/vulnerabilities/8931

Social References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

Related for CVE-2002-0592

cvelist1 nvd1