CVE-2002-0592
First published: Tue Jun 11 2002(Updated: )
AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AOL AIM Triton | =2.1.1236 | |
| AOL AIM Triton | =4.2 | |
| AOL AIM Triton | =4.0 | |
| AOL AIM Triton | =3.5.1856 | |
| AOL AIM Triton | =4.8.2646 | |
| AOL AIM Triton | =4.5 | |
| AOL AIM Triton | =2.0.912 | |
| AOL AIM Triton | =4.3 | |
| AOL AIM Triton | =3.0_n | |
| AOL AIM Triton | =2.0.996 | |
| AOL AIM Triton | =4.1.2010 | |
| AOL AIM Triton | =4.6 | |
| AOL AIM Triton | =3.0.1415 | |
| AOL AIM Triton | =3.5.1635 | |
| AOL AIM Triton | =2.0_n | |
| AOL AIM Triton | =4.3.2229 | |
| AOL AIM Triton | =2.5.1598 | |
| AOL AIM Triton | =4.8.2616 | |
| AOL AIM Triton | =3.0.1470 | |
| AOL AIM Triton | =3.5.1808 | |
| AOL AIM Triton | =4.2.1193 | |
| AOL AIM Triton | =3.5.1670 | |
| AOL AIM Triton | =4.7 | |
| AOL AIM Triton | =2.5.1366 | |
| AOL AIM Triton | =4.7.2480 | |
| AOL AIM Triton | =4.4 | |
| AOL AIM Triton | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0592?
CVE-2002-0592 is classified as a high severity vulnerability due to its potential to allow remote attackers to steal files during transfers.
How do I fix CVE-2002-0592?
To fix CVE-2002-0592, update AOL Instant Messenger to the latest version or implement a firewall to block the vulnerable ports.
What are the affected versions of AOL Instant Messenger in CVE-2002-0592?
CVE-2002-0592 affects multiple versions including AOL Instant Messenger versions 2.0, 3.x, 4.x, and earlier.
Can CVE-2002-0592 be exploited remotely?
Yes, CVE-2002-0592 can be exploited remotely as attackers can intercept file transfers by connecting to specific ports before the intended recipient.
Is there a workaround for CVE-2002-0592?
A potential workaround for CVE-2002-0592 is to disable file transfer features or utilize secure transfer protocols to mitigate the risk.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/aol
- canonical/aol instant messenger
- version/aol instant messenger/2.0.912
- version/aol instant messenger/2.0.996
- version/aol instant messenger/2.0_n
- version/aol instant messenger/2.1.1236
- version/aol instant messenger/2.5.1366
- version/aol instant messenger/2.5.1598
- version/aol instant messenger/3.0.1415
- version/aol instant messenger/3.0.1470
- version/aol instant messenger/3.0_n
- version/aol instant messenger/3.5.1635
- version/aol instant messenger/3.5.1670
- version/aol instant messenger/3.5.1808
- version/aol instant messenger/3.5.1856
- version/aol instant messenger/4.0
- version/aol instant messenger/4.1
- version/aol instant messenger/4.1.2010
- version/aol instant messenger/4.2
- version/aol instant messenger/4.2.1193
- version/aol instant messenger/4.3
- version/aol instant messenger/4.3.2229
- version/aol instant messenger/4.4
- version/aol instant messenger/4.5
- version/aol instant messenger/4.6
- version/aol instant messenger/4.7
- version/aol instant messenger/4.7.2480
- version/aol instant messenger/4.8.2616
- version/aol instant messenger/4.8.2646