AOL Instant Messenger <= 4.3.2229 Multiple Overflows
High Nessus Network Monitor Plugin ID 1253
SynopsisThe remote host is vulnerable to a buffer overflow
DescriptionThe remote host is running AOL Instant Messenger (AIM). Version prior to and including 4.3.2229 contain buffer overflows in the code that processes AIM URLs. URLs containing "aim://" along with exceptionally long goim and screenname parameter strings may crash a remote AIM client provided the victim clicks on the link. A victim does NOT have to be running AIM for a remote attacker to exploit this vulnerability.
SolutionUpgrade to the latest version of AOL Instant Messenger.