AOL Instant Messenger Login Sequence Remote Overflow

high Nessus Network Monitor Plugin ID 1257

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running AOL Instant Messenger (AIM). Certain versions of AIM contain a buffer overflow in the packet processing routines for the login process. Exploitation of this vulnerability may allow for execution of arbitrary code on the victim's machine.

Solution

Upgrade to the latest version of AOL Instant Messenger.

Plugin Details

Severity: High

ID: 1257

Family: Internet Messengers

Published: 8/20/2004

Updated: 3/6/2019

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:aol:aim

Reference Information

BID: 2236

Detections

Analytics