{"vuid":"VU#41301","idnumber":"41301","name":"AOL Instant Messenger buffer overflow in screename","keywords":["AOL","AIM","Instant Messenger","buffer overflow","screenname","URL aim:"],"overview":"A buffer overflow exists in the AOL Instant Messenger (AIM) client versions 3.5.x and prior when accepting the screenname from the command line, or through the aim protocol.","clean_desc":"AIM installs a protocol on the machine that enables people to post links on their websites, or send them in email messages to friends. For example: <a href=\"aim:goim?screenname=myname\"> Send me an instant message here.</a> One can also specify command line options to AIM for when it starts. AIM versions 3.5.x and prior contain a buffer overflow. When specifying a screenname using the aim protocol, or command line option, one can trigger a buffer overflow in the client.","impact":"A denial of service against the client can occur.","resolution":"Upgrade to a version of AIM higher than 3.5.x.","workarounds":"","sysaffected":"","thanks":"This vulnerability was discovered by Joe Testa.","author":"This document was written by Jason Rafail.","public":["h","t","t","p",":","/","/","w","w","w",".","n","t","b","u","g","t","r","a","q",".","c","o","m","/","d","e","f","a","u","l","t",".","a","s","p","?","p","i","d","=","3","6","&","s","i","d","=","1","&","A","2","=","i","n","d","0","0","0","3","&","L","=","n","t","b","u","g","t","r","a","q","&","F","=","P","&","S","=","&","P","=","5","4","7","9"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2000-03-28T21:24:02Z","publicdate":"2000-03-15T00:00:00Z","datefirstpublished":"2002-01-16T23:30:15Z","dateupdated":"2002-01-31T21:53:37Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"1","cam_population":"5","cam_impact":"3","cam_easeofexploitation":"12","cam_attackeraccessrequired":"15","cam_scorecurrent":"1.063125","cam_scorecurrentwidelyknown":"1.063125","cam_scorecurrentwidelyknownexploited":"2.075625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.063125,"vulnote":null}