Description
AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
https://www.exploit-db.com/exploits/25633
References (1)
Core 1
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13553
Scores
EPSS
0.0339
EPSS Percentile
87.5%
Details
Status
published
Products (36)
aol/instant_messenger
1.2
aol/instant_messenger
2.0.912
aol/instant_messenger
2.0.996
aol/instant_messenger
2.0_n
aol/instant_messenger
2.1.1236
aol/instant_messenger
2.5.1366
aol/instant_messenger
2.5.1598
aol/instant_messenger
3.0.1415
aol/instant_messenger
3.0.1470
aol/instant_messenger
3.0_n
... and 26 more
Published
May 18, 2005
Tracked Since
Feb 18, 2026