SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information

Report a Vulnerability

 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#474592

AOL Instant Messenger contains buffer overflows in parsing of AIM URI handler requests

Overview

AOL Instant Messenger (AIM) is an application that allows one peer to communicate with another. A buffer overflow vulnerability exists that can manipulate the configuration of the victim's client.

I. Description

AIM installs a URI handler that permits the use of the "aim:" protocol on the machine that enables people to post links on their websites, or send them in email messages to friends. For example:

<a href="aim:goim?screenname=myname">Send me an instant message here.</a>

One can also specify command line options to AIM for when it starts, permitting this vulnerability to be exploited by an application, or trojan. AIM versions 3.5.x and prior contain a buffer overflow. When specifying options using the aim protocol, or the command line, one can trigger a buffer overflow in the client. In addition to crashing the client, an attacker can add arbitrary "buddies" to an AIM user's buddy list by a malicious web page or html-based e-mail message.

II. Impact

An attacker can add arbitrary users to the victim's "buddy" list, or crash their client.

III. Solution

Upgrade to a version of AIM higher than 3.5.x.

Systems Affected

VendorStatusDate NotifiedDate Updated
AOL Time WarnerVulnerable28-Jan-2002

References

http://www.kb.cert.org/vuls/id/41301
http://www.atstake.com/research/advisories/2000/a121200-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1094

Credit

Our thanks to @stake <researchlabs@atstake.com > for the information contained in their advisory.

This document was written by Jason Rafail.

Other Information

Date Public:2000-12-12
Date First Published:2002-04-05
Date Last Updated:2002-04-05
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Severity Metric:4.50
Document Revision:13

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2002 Carnegie Mellon University
Disclaimers and copyright information
Get a PDF Reader