An attacker can silently download files to the remote AOL Client
The remote host is running AOL Instant Messenger (AIM). A vulnerability has been discovered in AIM that could allow an attacker to force a user to download an attacker supplied file. If a vulnerable user has an option enabled that allows users to download files without a prompt, it may be possible to force the user to download a file. The file will be transferred without prompting the target user for authorization.
Disable the option which ignores file transfer prompts.