RSS   Vulnerabilities for 'Aolserver'   RSS

2010-01-13
 
CVE-2009-4494

CWE-20
 

 
AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

 

 >>> Vendor: AOL 17 Products
Instant messenger
Aol server
Aol client software
AOL
Ygp screensaver activex control
Ygp pic downloader activex control
ICQ
Aim lite
Aim pro
Radio
Aolmediaplaybackcontrol
Ygp piceditor activex control
Internet software
Sb.superbuddy.1 active x control
Aolserver
AIM
Dailyfinance - stocks & news


Copyright 2017, cxsecurity.com

 

Back to Top