← Back

CVE-2002-0785

nvd nist
Published: Aug 12, 2002Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.

Affected (14)

Aol
1 product
Instant Messenger
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Aol
Instant Messenger
Version 4.0
Instant Messenger
Version 4.1.2010
Instant Messenger
Version 4.1
Instant Messenger
Version 4.2.1193
Instant Messenger
Version 4.2
Instant Messenger
Version 4.3.2229
Instant Messenger
Version 4.3
Instant Messenger
Version 4.4
Instant Messenger
Version 4.5
Instant Messenger
Version 4.6
Instant Messenger
Version 4.7.2480
Instant Messenger
Version 4.7
Instant Messenger
Version 4.8.2616
Instant Messenger
Version 4.8.2646

References (10)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.