Cross-Site Scripting Vulnerability in AOL Instant Messenger for MacOS and Windows
CVE-2002-2169

Currently unrated

Key Information:

Vendor

Aol

Status
Instant Messenger
Vendor
CVE Published:
31 December 2002

What is CVE-2002-2169?

AOL Instant Messenger versions 4.5 and 4.7 for both MacOS and Windows are susceptible to a cross-site scripting vulnerability. This flaw allows remote attackers to exploit it via a specially crafted URL containing a META HTTP-EQUIV="refresh" tag, enabling them to execute unauthorized actions, such as adding buddies or groups to a user's buddy list without consent.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.iss.net/security_center/static/9616.php
vdb-entryx_refsource_XF
http://www.mindflip.org/aim.html
x_refsource_MISC
http://online.securityfocus.com/archive/1/282443
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.