AOL Instant Messenger Local File Execution Vulnerability

Bugtraq ID: 6027
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Oct 22 2002 12:00AM
Updated: Oct 22 2002 12:00AM
Credit: Discovery is credited to "Blud Clot" <bludclot@hellokitty.com>.
Vulnerable: AOL Instant Messenger 4.8.2790
Not Vulnerable: AOL Instant Messenger 5.0.2938
AOL Instant Messenger 4.8.2616
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 95 SR2
 - Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP5
 - Microsoft Windows NT 4.0 SP4
 - Microsoft Windows NT 4.0 SP3
 - Microsoft Windows NT 4.0 SP2
 - Microsoft Windows NT 4.0 SP1
 - Microsoft Windows NT 4.0
 AOL Instant Messenger 4.8 .2646
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP5
 - Microsoft Windows NT Workstation 4.0 SP4
 - Microsoft Windows NT Workstation 4.0 SP3
 - Microsoft Windows NT Workstation 4.0 SP2
 - Microsoft Windows NT Workstation 4.0 SP1
 - Microsoft Windows NT Workstation 4.0
 - Microsoft Windows XP Home
AOL Instant Messenger 4.7.2480
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows CE 3.0
 - Microsoft Windows CE 2.0
 - Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP6
 - Microsoft Windows NT 4.0 SP5
 - Microsoft Windows NT 4.0 SP4
 - Microsoft Windows NT 4.0 SP3
 - Microsoft Windows NT 4.0 SP2
 - Microsoft Windows NT 4.0 SP1
 - Microsoft Windows NT 4.0


 

Privacy Statement
Copyright 2010, SecurityFocus