icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

AOL Instant Messenger Malformed ASCII Value Message DoS

Medium

Synopsis

The remote host is vulnerable to a denial of service (DoS) attack

Description

The remote host is running AOL Instant Messenger (AIM). Versions prior to and including 3.5 of AIM do not properly handle coded ASCII symbols (&#XXX format) where XXX is a number greater than 255. AIM may crash if such a symbol is encountered resulting in a denial of service attack.

Solution

Upgrade to the latest version of AOL Instant Messenger.