Signature Detail
Short Name |
CHAT:AIM:OVERFLOW:AIM-HTTP-AWAY |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
CHAT |
Keywords |
AOL Instant Messenger Away Message Remote Buffer Overflow |
Release Date |
2006/10/09 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
CHAT: AOL Instant Messenger Away Message Remote Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the AOL Instant Messenger. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
AOL Instant Messenger is reported prone to a remote buffer overflow vulnerability when processing a malformed 'Away' message. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. AOL Instant Messenger versions 5.5.3595 and 5.5 are reported vulnerable to this issue, however, other versions may be affected as well.
Affected Products
- AOL Instant Messenger 5.5.0
- AOL Instant Messenger 5.5.3415 Beta
- AOL Instant Messenger 5.5.3595
References
- BugTraq: 10889
- CVE: CVE-2004-0636