icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

AOL Instant Messenger AddExternalApp Remote Buffer Overflow

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running AOL Instant Messenger (AIM). AIM is vulnerable to a buffer overflow when an AddExternalApp request is received with a TLV greater than 0x2711. This vulnerability could allow a remote user to execute arbitrary code with the privaleges of the user running the AIM client.

Solution

Upgrade to the latest version of AOL Instant Messenger.