Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0592

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0592
Last Modified 05 Sep 2008 04:28:25
Published 18 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0592

Summary

AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.

Vulnerable Systems

Application

  • Aol Instant Messenger 2.0 N

  • Aol Instant Messenger 2.0.912

  • Aol Instant Messenger 2.0.996

  • Aol Instant Messenger 2.1.1236

  • Aol Instant Messenger 2.5.1366

  • Aol Instant Messenger 2.5.1598

  • Aol Instant Messenger 3.0 N

  • Aol Instant Messenger 3.0.1415

  • Aol Instant Messenger 3.0.1470

  • Aol Instant Messenger 3.5.1635

  • Aol Instant Messenger 3.5.1670

  • Aol Instant Messenger 3.5.1808

  • Aol Instant Messenger 3.5.1856

  • Aol Instant Messenger 4.0

  • Aol Instant Messenger 4.1

  • Aol Instant Messenger 4.1.2010

  • Aol Instant Messenger 4.2

  • Aol Instant Messenger 4.2.1193

  • Aol Instant Messenger 4.3

  • Aol Instant Messenger 4.3.2229

  • Aol Instant Messenger 4.4

  • Aol Instant Messenger 4.5

  • Aol Instant Messenger 4.6

  • Aol Instant Messenger 4.7

  • Aol Instant Messenger 4.7.2480

  • Aol Instant Messenger 4.8.2616

  • Aol Instant Messenger 4.8.2646


References

BID - 4574

XF - aim-hijack-connection(8931)

BUGTRAQ - 20020421 AIM Remote File Transfer/Direct Connection Vulnerability


Last Updated: 27 May 2016 10:36:59