{"vuid":"VU#530299","idnumber":"530299","name":"AOL Instant Messenger vulnerable to buffer overflow via numerous fonts sent to client followed by &lt HR&gt","keywords":["AOL Instant Messenger","buffer overflow","fonts","<HR>"],"overview":"AOL Instant Messenger (AIM) is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client window and in some cases the operating system(OS).","clean_desc":"AIM for Windows stores font names in the messages sent from one client to another. By using numerous fonts, and sending a html division line <HR>, an attacker can cause the victim's client to crash.","impact":"By repeatedly sending this message, a continued denial of service can be caused.","resolution":"This has been resolved in AIM for Windows beta version 4.8.2540.","workarounds":"AIM permits the user to only accept messages from known/trusted peers. Enable this feature.","sysaffected":"","thanks":"This vulnerability was discovered by Robbie Saunders.","author":"This document was written by Jason Rafail.","public":["http://www.ssnbc.com/wiz/","http://www.securityfocus.com/bid/3756"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-10-08T15:22:41Z","publicdate":"2001-10-06T00:00:00Z","datefirstpublished":"2002-01-14T18:28:08Z","dateupdated":"2002-01-14T18:28:11Z","revision":12,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"1","cam_population":"20","cam_impact":"3","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"9.45","cam_scorecurrentwidelyknown":"9.45","cam_scorecurrentwidelyknownexploited":"18.45","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.45,"vulnote":null}