Vulnerability in Aol Instant_messenger
CVE-2002-0785
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.
EPSS: 0.037 (88.4th percentile) — read the EPSS interpretation.
Affected products
- Aol Instant_messenger — versions 4.0, 4.1, 4.1.2010
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (Vendor Advisory, mailing-list, Exploit, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)