AIM Smiley Icon Location Remote Denial Of Service

Medium Nessus Plugin ID 18299


The remote Windows application is prone to denial of service attacks.


According to the Windows registry, the remote host has installed on it a version of AOL Instant Messenger that does not properly handle invalid data passed as the location of a 'smiley' icon. Such invalid data leads to an application crash, possibly because of a buffer overflow.


Unknown at this time.

Plugin Details

Severity: Medium

ID: 18299

File Name: aim_smiley_location_dos.nasl

Version: $Revision: 1.15 $

Type: local

Agent: windows

Family: Windows

Published: 2005/05/19

Modified: 2011/09/29

Dependencies: 18431

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Required KB Items: AIM/version

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2005/05/10

Reference Information

CVE: CVE-2005-1655

BID: 13553

OSVDB: 20683