Directory Traversal Vulnerability in AOL Instant Messenger and ICQ
CVE-2007-1904

Currently unrated

Key Information:

Vendor

Aol

Status
Icq
Instant Messenger
Vendor
CVE Published:
10 April 2007

What is CVE-2007-1904?

A directory traversal vulnerability exists in AOL Instant Messenger versions 5.9 and earlier, and in ICQ version 5.1 and possibly earlier. This flaw allows remote attackers to exploit user-assisted file transfers to write files to arbitrary locations on the victim's system. By using a specially crafted filename that includes a .. (dot dot) sequence, attackers can manipulate the file path during a transfer operation, gaining unauthorized access to sensitive locations within the file system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1017890
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/33538
vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2007/1307
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.