Buffer overflow in Aol Instant_messenger

CVE-2003-1503

Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name.

Vulnerability class: Buffer Overflow

EPSS: 0.046 (90.5th percentile) — read the EPSS interpretation.

Affected products

Aol Instant_messenger — versions 5.2.3292
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (URL Repurposed, x_refsource_MISC)
cve@mitre.org (mailing-list, x_refsource_NTBUGTRAQ)
cve@mitre.org (vdb-entry, x_refsource_XF)