AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag.
Conclusion & alert: CVE-2005-1655 is rated High Exploit Risk (62.7/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 2.41%). Core evidence: 2 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 25633 | exploit_db | edb | 2005-05-09 | Exploit-DB ↗ |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 3.39% | 2.41% | -0.97% |
| 2 | 2025-03-17 | 2.20% | 3.39% | +1.19% |
| 3 | 2024-12-17 | — | 2.20% | — |
Full EPSS history (10 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| aol | instant_messenger | 1.2 | cpe:2.3:a:aol:instant_messenger:1.2:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.0.912 | cpe:2.3:a:aol:instant_messenger:2.0.912:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.0.996 | cpe:2.3:a:aol:instant_messenger:2.0.996:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.0_n | cpe:2.3:a:aol:instant_messenger:2.0_n:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.1.1236 | cpe:2.3:a:aol:instant_messenger:2.1.1236:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.5.1366 | cpe:2.3:a:aol:instant_messenger:2.5.1366:*:*:*:*:*:*:* |
| aol | instant_messenger | 2.5.1598 | cpe:2.3:a:aol:instant_messenger:2.5.1598:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.0.1415 | cpe:2.3:a:aol:instant_messenger:3.0.1415:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.0.1470 | cpe:2.3:a:aol:instant_messenger:3.0.1470:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.0_n | cpe:2.3:a:aol:instant_messenger:3.0_n:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.5.1635 | cpe:2.3:a:aol:instant_messenger:3.5.1635:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.5.1670 | cpe:2.3:a:aol:instant_messenger:3.5.1670:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.5.1808 | cpe:2.3:a:aol:instant_messenger:3.5.1808:*:*:*:*:*:*:* |
| aol | instant_messenger | 3.5.1856 | cpe:2.3:a:aol:instant_messenger:3.5.1856:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.0 | cpe:2.3:a:aol:instant_messenger:4.0:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.1 | cpe:2.3:a:aol:instant_messenger:4.1:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.1.2010 | cpe:2.3:a:aol:instant_messenger:4.1.2010:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.2 | cpe:2.3:a:aol:instant_messenger:4.2:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.2.1193 | cpe:2.3:a:aol:instant_messenger:4.2.1193:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.3 | cpe:2.3:a:aol:instant_messenger:4.3:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.3.2229 | cpe:2.3:a:aol:instant_messenger:4.3.2229:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.4 | cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.5 | cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.6 | cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.7 | cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.7.2480 | cpe:2.3:a:aol:instant_messenger:4.7.2480:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.8.2616 | cpe:2.3:a:aol:instant_messenger:4.8.2616:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.8.2646 | cpe:2.3:a:aol:instant_messenger:4.8.2646:*:*:*:*:*:*:* |
| aol | instant_messenger | 4.8.2790 | cpe:2.3:a:aol:instant_messenger:4.8.2790:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.0.2938 | cpe:2.3:a:aol:instant_messenger:5.0.2938:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.1.3036 | cpe:2.3:a:aol:instant_messenger:5.1.3036:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.2.3292 | cpe:2.3:a:aol:instant_messenger:5.2.3292:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.5 | cpe:2.3:a:aol:instant_messenger:5.5:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.5.3415_beta | cpe:2.3:a:aol:instant_messenger:5.5.3415_beta:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.5.3595 | cpe:2.3:a:aol:instant_messenger:5.5.3595:*:*:*:*:*:*:* |
| aol | instant_messenger | 5.9.3702 | cpe:2.3:a:aol:instant_messenger:5.9.3702:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/13553 | Exploit |