RSS   Vulnerabilities for 'AIM'   RSS

2012-11-04
 
CVE-2012-5816

 

 
AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

 

 >>> Vendor: AOL 17 Products
Instant messenger
Aol server
Aol client software
AOL
Ygp screensaver activex control
Ygp pic downloader activex control
ICQ
Aim lite
Aim pro
Radio
Aolmediaplaybackcontrol
Ygp piceditor activex control
Internet software
Sb.superbuddy.1 active x control
Aolserver
AIM
Dailyfinance - stocks & news


Copyright 2017, cxsecurity.com

 

Back to Top