CVE-2002-1813

AOL Instant Messenger - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Blud Clot · textremotewindows

https://www.exploit-db.com/exploits/21958

View Code ZIP pw:eip

References (3)

Core 3

Core References

Patch vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/10441.php

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-10/0319.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/6027

Scores

EPSS 0.0306

EPSS Percentile 86.9%

Details

Status published

Products (4)

aol/instant_messenger 4.7.2480

aol/instant_messenger 4.8.2616

aol/instant_messenger 4.8.2646

aol/instant_messenger 5.0.2938

Published Dec 31, 2002

Tracked Since Feb 18, 2026