Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1891

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1891
Last Modified 05 Sep 2008 04:50:21
Published 09 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1891

Summary

The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable.

Vulnerable Systems

Application

  • Aol Instant Messenger 5.0.2938

  • Aol Instant Messenger 5.1.3036

  • Aol Instant Messenger 5.2.3292

  • Aol Instant Messenger 5.5

  • Aol Instant Messenger 5.5.3415 Beta

  • Aol Instant Messenger 5.5.3595

  • Aol Instant Messenger 5.9.3797


References

BID - 13880

BUGTRAQ - 20050607 Re: AOL AIM Instant Messenger Buddy Icon "ateimg32.dll" DoS

BUGTRAQ - 20050607 AOL AIM Instant Messenger Buddy Icon "ateimg32.dll" DoS

SECTRACK - 1014145


Last Updated: 27 May 2016 10:40:20