CVE Tools

aol

Communicationscommercial

57

Cumulative CVEs

35

Monthly snapshots

#5

Peak rank

Top products

dailyfinance - stocks \& news1

Latest CVEs

The 15 most recently published vulnerabilities affecting aol.

CVE-2024-2363AOL AIM Triton Invite denial of service5.3Mar 10, 2024
CVE-2014-5570The DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application 2.0.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to s...5.4Sep 9, 2014
CVE-2012-5816AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows m...5.8Nov 4, 2012
CVE-2009-4494AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overw...5.0Jan 13, 2010
CVE-2009-3658Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code ...8.8Oct 9, 2009
CVE-2007-6699Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser...4.3Feb 4, 2008
CVE-2007-6250Stack-based buffer overflow in AOL AOLMediaPlaybackControl (AOLMediaPlaybackControl.exe), as used by AmpX ActiveX control (AmpX.dll), might allow remote attackers to execute arbitrary code via the ...9.3Jan 9, 2008
CVE-2007-5755Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods.9.3Nov 14, 2007
CVE-2003-1503Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name.10.0Oct 25, 2007
CVE-2007-5124The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows remote attackers to execute arbitrary code via unspecified web script or HTML in an instant ...6.8Sep 27, 2007
CVE-2007-4901The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML fun...5.8Sep 14, 2007
CVE-2007-3437AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnera...7.8Jun 27, 2007
CVE-2007-3350AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of spoofed SIP INVITE requests.7.8Jun 22, 2007
CVE-2007-1904Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a...4.3Apr 10, 2007
CVE-2006-5820The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execut...9.3Apr 2, 2007