VULHUB ™

The AOL Instant Messenger client is prone to an issue which may allow maliciously crafted HTML to perform unauthorized actions (such as adding entries to the buddy list) on behalf of the user of a vulnerable client. This condition is due to how the client handles "aim:" URIs. These actions will be taken without prompting or notifying the user. This issue was reported for versions of AIM running on Microsoft Windows and MacOS. The Linux version of the client is not affected by this vulnerability.

The AOL Instant Messenger client is prone to an issue which may allow maliciously crafted HTML to perform unauthorized actions (such as adding entries to the buddy list) on behalf of the user of a vulnerable client. This condition is due to how the client handles "aim:" URIs. These actions will be taken without prompting or notifying the user. This issue was reported for versions of AIM running on Microsoft Windows and MacOS. The Linux version of the client is not affected by this vulnerability.