CVE-2002-0592

AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://online.securityfocus.com/archive/1/269006	Vendor Advisory
http://www.securityfocus.com/bid/4574	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/8931
http://online.securityfocus.com/archive/1/269006	Vendor Advisory
http://www.securityfocus.com/bid/4574	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/8931

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:aol:instant_messenger:2.0.912:::::::*
	cpe:2.3:a:aol:instant_messenger:2.0.996:::::::*
	cpe:2.3:a:aol:instant_messenger:2.0_n:::::::*
	cpe:2.3:a:aol:instant_messenger:2.1.1236:::::::*
	cpe:2.3:a:aol:instant_messenger:2.5.1366:::::::*
	cpe:2.3:a:aol:instant_messenger:2.5.1598:::::::*
	cpe:2.3:a:aol:instant_messenger:3.0.1415:::::::*
	cpe:2.3:a:aol:instant_messenger:3.0.1470:::::::*
	cpe:2.3:a:aol:instant_messenger:3.0_n:::::::*
	cpe:2.3:a:aol:instant_messenger:3.5.1635:::::::*
	cpe:2.3:a:aol:instant_messenger:3.5.1670:::::::*
	cpe:2.3:a:aol:instant_messenger:3.5.1808:::::::*
	cpe:2.3:a:aol:instant_messenger:3.5.1856:::::::*
	cpe:2.3:a:aol:instant_messenger:4.0:::::::*
	cpe:2.3:a:aol:instant_messenger:4.1:::::::*
	cpe:2.3:a:aol:instant_messenger:4.1.2010:::::::*
	cpe:2.3:a:aol:instant_messenger:4.2:::::::*
	cpe:2.3:a:aol:instant_messenger:4.2.1193:::::::*
	cpe:2.3:a:aol:instant_messenger:4.3:::::::*
	cpe:2.3:a:aol:instant_messenger:4.3.2229:::::::*
	cpe:2.3:a:aol:instant_messenger:4.4:::::::*
	cpe:2.3:a:aol:instant_messenger:4.5:::::::*
	cpe:2.3:a:aol:instant_messenger:4.6:::::::*
	cpe:2.3:a:aol:instant_messenger:4.7:::::::*
	cpe:2.3:a:aol:instant_messenger:4.7.2480:::::::*
	cpe:2.3:a:aol:instant_messenger:4.8.2616:::::::*
	cpe:2.3:a:aol:instant_messenger:4.8.2646:::::::*

History

20 Nov 2024, 23:39

Type	Values Removed	Values Added
References	~~() http://online.securityfocus.com/archive/1/269006 - Vendor Advisory~~	() http://online.securityfocus.com/archive/1/269006 - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/4574 - Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/4574 - Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/8931 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/8931 -

Information

Published : 2002-06-18 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-0592

Mitre link : CVE-2002-0592

CVE.ORG link : CVE-2002-0592

JSON object : View

Products Affected

aol

instant_messenger

CWE

NVD-CWE-Other

{"id": "CVE-2002-0592", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-06-18T04:00:00.000", "references": [{"url": "http://online.securityfocus.com/archive/1/269006", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4574", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8931", "source": "cve@mitre.org"}, {"url": "http://online.securityfocus.com/archive/1/269006", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/4574", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8931", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:aol:instant_messenger:2.0.912:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60A5F43B-BF1D-4186-A72B-1DD5367A494B"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:2.0.996:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4D7D3BC-DE4A-4D56-A239-90A5D23BDA22"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:2.0_n:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED10DFD8-2532-466D-8EBB-F05081F2935D"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:2.1.1236:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA2FD74E-8AB0-4A19-AE4E-0823F1AC63DD"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:2.5.1366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D371BDC-9E31-4EB1-88E9-82C2976086E1"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:2.5.1598:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64B46D19-9103-40C5-A6A4-D5BE8DF8276E"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.0.1415:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02FC8258-541C-47D9-81B7-F211451B1C65"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.0.1470:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D47319C5-1E96-4AEB-ABA9-638DFF22BD56"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.0_n:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "483C0045-4C10-4120-AB89-C36467993E25"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.5.1635:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7577D890-E06A-477C-80BE-48075FB16437"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.5.1670:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34B6D42F-9FD9-4E0D-BB59-8E65E817889C"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.5.1808:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C2B7D7B-DB48-458B-9CA5-813782BA600D"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:3.5.1856:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF19BBC6-C4F2-4636-8650-E178FFD6BF4C"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E00F0805-8C73-43B1-87AC-744434046E59"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3098DC2A-6A68-4160-9DAC-8F31A49BA45D"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.1.2010:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B2707D6-D5EC-4A22-B5E1-2A34913CB3FB"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7577EED-D28B-430A-B554-CE40D9154893"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.2.1193:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "172E406F-108C-4D9A-80AB-78CDF134C4A8"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E81E472E-45B5-465B-B2D7-40F906AC31E9"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.3.2229:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50A04B5F-F17B-4177-861B-66DFD4FBE225"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D8157E-3447-44BF-AC22-5A65F4C707E7"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDA52A0F-2A09-4FA8-AC10-2D1B6B41D13C"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C4FA9B9-E98C-435C-9F7A-D62E348D92D9"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0ADB0D5-BD25-488D-87D3-426ABB036B7A"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.7.2480:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11FCCE0C-E6F9-4A01-872E-38C5F23C479E"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.8.2616:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E80E2514-9F43-48FB-B55E-094F45088D7C"}, {"criteria": "cpe:2.3:a:aol:instant_messenger:4.8.2646:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E553111-8B78-4B66-95BC-FD0EE897DDC4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10