CVE-2002-0591 Information

Description

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-04/0203.html http://www.iss.net/security_center/static/8870.php http://www.securityfocus.com/bid/4526