3 matches found
CVE-2000-1094
Affected software: AOL Instant Messenger (AIM) prior to version 4.3.2229. Vulnerability: A buffer overflow in the handling of the buddyicon command with a long src argument can allow a remote attacker to execute arbitrary commands on the victim’s machine. Root cause: Buffer overflow when processi...
CVE-2005-1891
Summary : CVE-2005-1891 affects AOL Instant Messenger (AIM) versions 5.9.3797 and earlier. The issue stems from the GIF parser in the ateimg32.dll component, where processing a specially crafted buddy icon can trigger an integer underflow in a loop counter, enabling a remote denial of service (cr...
CVE-2012-5816
Affected software: AOL Instant Messenger (AIM) 1.0.1.2. Vulnerability: AIM does not verify that the server hostname matches the CA/SubjectAltName in the X.509 certificate, enabling MITM with an arbitrary valid certificate. Impact as described: potential credential/local data exposure due to spoof...