Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026
CVE-2004-2373
CVE-2004-2373
Description
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
Affected products
15cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.3.2229:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.7.2480:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.8.2616:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.8.2646:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:4.8.2790:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:5.0.2938:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:5.1.3036:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:5.2.3292:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:aol:instant_messenger:5.5.3415_beta:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.securityfocus.com/bid/9698nvdExploit
- www.securityfocus.com/archive/1/354448nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/15310nvd
News mentions
0No linked articles in our index yet.