AOL Instant Messenger ASCII-Symbol Interpretation Denial of Service

High Nessus Network Monitor Plugin ID 1258

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running AOL Instant Messenger (AIM). Certain versions of AIM contain a buffer overflow in the packet processing routines for the login process. Exploitation of this vulnerability may allow for execution of arbitrary code on the victims machine.

Solution

Upgrade to the latest version of AOL Instant Messenger

Plugin Details

Severity: High

ID: 1258

File Name: 1258.prm

Published: 2004/08/20

Modified: 2016/01/22

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

CVSSv3

Base Score: 8.1

Temporal Score: 7.4

Vector: CVSS3#AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:aol:aim

Reference Information

BID: 2236