AOL Instant Messenger (AIM) is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client of a victim.
AIM permits users to send files from one peer to another. By sending a file with a long name, it is possible to crash the client of the recipient.
By repeatedly sending this message with the file attached, a continued denial of service can be caused.
This has been resolved in AIM for Windows beta version 4.8.2540.
AIM permits the user to only accept messages from known/trusted peers. Enable this feature.
This vulnerability was discovered by Robbie Saunders.
This document was written by Jason Rafail.
|Date First Published:||2002-01-14|
|Date Last Updated:||2002-01-14 18:22 UTC|