Detections
Analytics
AOL Instant Messenger AddBuddy Link Long ScreenName Parameter Overflow DoS
medium Nessus Network Monitor Plugin ID 1248
Synopsis
The remote host is vulnerable to a buffer overflowDescription
The remote host is running AOL Instant Messenger (AIM). A possible buffer overflow vulnerability exists in AIM. The condition is related to processing of malformed aim:AddBuddy hyperlinks. If a victim clinks on an AddBuddy hyperlink consisting of many comma delimited screen names, a crash occurs.Solution
Upgrade to the latest version of AOL Instant MessengerPlugin Details
Severity: Medium
ID: 1248
Family: Internet Messengers
Published: 8/20/2004
Updated: 3/6/2019
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 5.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X
Vulnerability Information
CPE: cpe:/a:aol:aim
Reference Information
CVE: CVE-2002-0785