Unrated severityNVD Advisory· Published Jun 18, 2002· Updated Jun 16, 2026
CVE-2002-0591
CVE-2002-0591
Description
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:aol:instant_messenger:4.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:aol:instant_messenger:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.8_beta:*:*:*:*:*:*:*
- (no CPE)range: <=4.8 beta
Patches
Vulnerability mechanics
References
3- www.iss.net/security_center/static/8870.phpnvdPatchVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2002-04/0203.htmlnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/4526nvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.