Описание
Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:aol:instant_messenger:4.4:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.5:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.6:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.7:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.7.2480:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.8.2616:*:*:*:*:*:*:*
cpe:2.3:a:aol:instant_messenger:4.8.2646:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00967
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy.
EPSS
Процентиль: 76%
0.00967
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other