Re: AOL Instant Messenger Heap Overflow
From: JasonBrown777@netscape.netDate: 08/25/02
- Previous message: Martin Schulze: "[SECURITY] [DSA 147-2] New mailman packages fix cross-site scripting problem"
- Maybe in reply to: Matthew Murphy: "AOL Instant Messenger Heap Overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 25 Aug 2002 18:27:39 -0000 From: <JasonBrown777@netscape.net> To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is) In-Reply-To: <000601c24b06$379e3f80$e62d1c41@kc.rr.com>
>The previously reported AOL Instant Messenger heap overflow is restricted
> to the "goim" handler. The unchecked escaping is performed on the
> "screenname" query string parameter. The vulnerability is exploited
> when the user clicks "Get Info" to request information on the buddy.
>
>AIM dies with an access violation when trying to execute 0x656C6261. As
>there is nothing stored there, AIM faults and dies:
What version of AIM is required for this? Does it happen in the latest
5.0.2916 beta (http://www.aim.com/get_aim/win/win_beta.adp) or in the
4.8.2790 GM version (http://ftp.newaol.com/aim/win95/Install_AIM.exe)?
- Previous message: Martin Schulze: "[SECURITY] [DSA 147-2] New mailman packages fix cross-site scripting problem"
- Maybe in reply to: Matthew Murphy: "AOL Instant Messenger Heap Overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
