Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1416

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2001-1416
Last Modified 05 Sep 2008 04:26:29
Published 18 Jan 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2001-1416

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags.

Vulnerable Systems

Application

  • Aol Instant Messenger 4.4a


References

CONFIRM - http://www.kb.cert.org/vuls/id/JARL-56TPBQ

CERT-VN - VU#541384

MISC - http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article


Last Updated: 27 May 2016 10:36:40