2 matches found
CVE-2007-5124
The embedded Internet Explorer server control in AOL Instant Messenger AIM 6.5.3.12 and earlier allows remote attackers to execute arbitrary code via unspecified web script or HTML in an instant message, related to AIM's filtering of "specific tags and attributes" and the lack of Local Machine Zo...
CVE-2007-5124
CVE-2007-5124 concerns AOL AIM 6.5.3.12 and earlier, where an embedded Internet Explorer server control in the AIM client renders HTML content from IM messages without proper sanitization, enabling remote code execution. The root cause relates to inadequate handling of mshtml-based HTML/JS in mes...