{"vuid":"VU#259435","idnumber":"259435","name":"AOL Instant Messenger vulnerable to buffer overflow via crafted \"addbuddy\" URI sent in message","keywords":["AOL Instant Messenger","buffer overflow","addbuddy","crafted URI","URL"],"overview":"America Online's Instant Messenger (AIM) contains a remotely exploitable buffer overflow vulnerability.","clean_desc":"AOL Instant Messenger is a widely used program for communicating with other users over the Internet. A buffer overflow exists in the processing of the addbuddy parameter of the AIM URI handler. A URI can be sent by another AIM user, embedded in a web site, or sent in an HTML-renderable email message.","impact":"A denial-of-service situation is caused. It has not been determined if this vulnerability can lead to the remote execution of code.","resolution":"","workarounds":"Block AIM Authentication at the Firewall Blocking connections to login.oscar.aol.com on port 5190/tcp may prevent users on the local network from authenticating to the AIM server. This may be sufficient to prevent the vulnerability from being exploited. Block Untrusted Messages AIM permits the user to only accept messages from known peers. By enabling this feature, you may be able to prevent the vulnerability from being exploited. Note that you may still be vulnerable to attacks that originate from known peers if the vulnerability is exploited in a worm like fashion.","sysaffected":"","thanks":"This vulnerability was reported by NtWaK0 <adonis1@videotron.ca>.","author":"This document was written by Jason Rafail.","public":["http://securitytracker.com/alerts/2002/Mar/1003713.html","http://online.securityfocus.com/bid/4244","http://www.securityfocus.com/bid/4709"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-03-05T18:02:12Z","publicdate":"2002-03-01T00:00:00Z","datefirstpublished":"2002-06-11T20:12:27Z","dateupdated":"2002-06-13T18:37:39Z","revision":22,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"18","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"3","cam_easeofexploitation":"12","cam_attackeraccessrequired":"15","cam_scorecurrent":"2.32875","cam_scorecurrentwidelyknown":"2.53125","cam_scorecurrentwidelyknownexploited":"4.55625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.32875,"vulnote":null}