Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1094

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-1094
Last Modified 05 Sep 2008 04:22:38
Published 09 Jan 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1094

Summary

Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.

Vulnerable Systems

Application

  • Aol Instant Messenger 2.0 N

  • Aol Instant Messenger 2.5.1366

  • Aol Instant Messenger 2.5.1598

  • Aol Instant Messenger 3.0 N

  • Aol Instant Messenger 3.0.1470

  • Aol Instant Messenger 3.5.1635

  • Aol Instant Messenger 3.5.1670

  • Aol Instant Messenger 3.5.1808

  • Aol Instant Messenger 3.5.1856

  • Aol Instant Messenger 4.0

  • Aol Instant Messenger 4.1.2010

  • Aol Instant Messenger 4.2.1193


References

ATSTAKE - A121200-1

OSVDB - 1692

BUGTRAQ - 20001214 Re: AIM & @stake's advisory

BUGTRAQ - 20001213 Administrivia & AOL IM Advisory


Last Updated: 27 May 2016 10:36:00