AOL Instant Messenger Login Sequence Remote Overflow

High Nessus Network Monitor Plugin ID 1257

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running AOL Instant Messenger (AIM). Certain versions of AIM contain a buffer overflow in the packet processing routines for the login process. Exploitation of this vulnerability may allow for execution of arbitrary code on the victim's machine.

Solution

Upgrade to the latest version of AOL Instant Messenger.

Plugin Details

Severity: High

ID: 1257

File Name: 1257.prm

Published: 2004/08/20

Modified: 2016/01/22

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

CVSSv3

Base Score: 8.1

Temporal Score: 7.4

Vector: CVSS3#AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:aol:aim

Reference Information

BID: 2236