CVE-2002-0591

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.

Date published : 2002-06-11

http://www.securityfocus.com/bid/4526

http://archives.neohapsis.com/archives/bugtraq/2002-04/0203.html