CVE-2004-2373
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
03/04/2025
Description
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.3.2229:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.7.2480:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.8.2616:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.8.2646:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:4.8.2790:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:5.0.2938:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:5.1.3036:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:5.2.3292:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:5.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:aol:instant_messenger:5.5.3415_beta:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page