Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 CHAT:AIM:OVERFLOW:AIM-HTTP-AWAY

Severity

 Medium

Recommended

 No

Category

 CHAT

Keywords

 AIM away overflow

Release Date

 2006/10/09

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

AIM: Away Message Overflow Over HTTP


This signature detects abnormally large AIM "Away" messages. Malicious users can craft Away messages to overflow a buffer on some Instant Messenger clients. A successfull attack can allow code execution.

Extended Description

AOL Instant Messenger is reported prone to a remote buffer overflow vulnerability when processing a malformed 'Away' message. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. AOL Instant Messenger versions 5.5.3595 and 5.5 are reported vulnerable to this issue, however, other versions may be affected as well.

Affected Products

  • AOL Instant Messenger 5.5.0
  • AOL Instant Messenger 5.5.3415 Beta
  • AOL Instant Messenger 5.5.3595

References

  • BugTraq: 10889
  • CVE: CVE-2004-0636

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy & Policy
Legal Notices
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out