Remote Code Execution Vulnerability in AOL Instant Messenger by AOL
CVE-2007-5124

Currently unrated

Key Information:

Vendor: Aol
Status: Instant Messenger
Vendor: CVE Published:; 27 September 2007

What is CVE-2007-5124?

The embedded Internet Explorer server control in AOL Instant Messenger versions 6.5.3.12 and earlier is vulnerable to exploitation. Remote attackers can execute arbitrary code by sending malicious web scripts or HTML within instant messages. This issue arises due to AIM's inadequate filtering of specific tags and attributes, along with the absence of Local Machine Zone lockdown. Notably, this vulnerability is linked to an incomplete resolution of a prior security issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://aviv.raffon.net/2007/09/25/ReadyAIMFire.aspx

x_refsource_MISC

http://www.securityfocus.com/archive/1/480647/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Sep 27, 2007
Vulnerability Reserved
Sep 27, 2007

JSON

Aol

What is CVE-2007-5124?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.