Vulnerability Description
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrictions.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aol | Instant Messenger | 4.7.2480 |
References
- http://www.informationweek.com/story/IWK20010927S0021
- http://www.instantmessagingplanet.com/security/article.php/10818_1014151
- http://www.kb.cert.org/vuls/id/744139US Government Resource
- http://www.informationweek.com/story/IWK20010927S0021
- http://www.instantmessagingplanet.com/security/article.php/10818_1014151
- http://www.kb.cert.org/vuls/id/744139US Government Resource
FAQ
What is CVE-2002-1591?
CVE-2002-1591 is a vulnerability with a CVSS score of 7.5 (HIGH). AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrict...
How severe is CVE-2002-1591?
CVE-2002-1591 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1591?
Check the references section above for vendor advisories and patch information. Affected products include: Aol Instant Messenger.