DEBIAN-CVE-2009-3615

The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service application crash via crafted contact-list data for 1 ICQ and possibly 2 AIM, as demonstrated by the SIM IM client...

Design/Logic Flaw

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cau...

CVE-2008-5401

CVE-2008-5401 affects Trillian Messenger. A stack-based buffer overflow in the image tooltip parsing (AIM IMG Tag Parsing) allows remote code execution via a long image filename and impacts Trillian versions up to 3.1.11.0; vulnerable until 3.1.11.0, with 3.1.12.0 addressing the issue. Remediatio...

Trillian aim:// URI Handler Vulnerabilities

The version of Trillian installed on the remote host contains a buffer overflow in its AIM protocol URI handler in 'aim.dll' and also allows creation of arbitrary files with arbitrary content using specially- crafted 'aim://'' URIs. A remote attacker may be able to leverage these issues to execut...

CVE-2007-3832

Buffer overflow in the AOL Instant Messenger AIM protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///1111111/ substring...

CVE-2007-3833

The AOL Instant Messenger AIM protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:" substring and contains a full pathname in the ini field. NOTE: this can be...

Design/Logic Flaw

The AOL Instant Messenger AIM protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:" substring and contains a full pathname in the ini field. NOTE: this can be...

CVE-2007-3832

The CVE-2007-3832 issue affects Trillian before 3.1.7.0, where a buffer overflow in the AIM protocol URI handler (aim.dll) can be triggered by specially crafted aim:// URIs. An unauthenticated remote attacker could potentially execute arbitrary code with the user’s privileges by convincing a user...

CVE-2007-3832

Buffer overflow in the AOL Instant Messenger AIM protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///1111111/ substring...

CVE-2007-3833

The AOL Instant Messenger AIM protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:" substring and contains a full pathname in the ini field. NOTE: this can be...

AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/2118/info AOL Instant Messenger AIM is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exist...