SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Instant Messaging/IRC/Chat)  >   AOL Instant Messenger
Vendors:   America Online, Inc.
AOL Instant Messenger (AIM) Bug in 'aim:AddBuddy' Link Processing May Let Remote Users Cause the AIM Client to Crash
SecurityTracker Alert ID:  1004280
SecurityTracker URL:  http://securitytracker.com/id/1004280
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  May 11 2002
Impact:   Denial of service via network
Exploit Included:  Yes  

Description:   A potential denial of service issue was reported with AOL Instant Messenger (AIM). A remote user can create a special 'aim:AddBuddy' link that, when activated by the recipient, will cause the recipient's AIM client to crash.

It is reported that a remote user can create and send an 'aim:AddBuddy' hypertext link containing many characters separated by commas that will cause the recipient's AIM client to crash when the recipient clicks on the link.

A demonstration exploit example is provided:

aim:AddBuddy?
ScreenName=InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,I
nterWN,InterWN,InterWN,InterWN,InterWN,InterWN&groupname=Int
erWN,InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,InterWN
,InterWN,InterWN,InterWN,InterWN

According to the report, this will cause an error in OSCORE.DLL.

Impact:   A remote user can create and send a special AIM link that will cause the recipient's AIM client to crash when the recipient clicks on the link.
Solution:   No solution was available at the time of this entry.
Vendor URL:  aim.aol.com/
Cause:   Exception handling error
Underlying OS:  Windows (Any)

Message History:   None.
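
With no vendor fix available, one mitigation is to screen message bodies for 'aim:AddBuddy' links carrying long comma-separated lists before they reach the client, including links hidden behind link text. The following is an added example, not part of the original advisory or report; the limits MAX_ENTRIES and MAX_VALUE_LEN, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl

# Assumed screening limits (not from the advisory; tune for your environment).
MAX_ENTRIES = 4      # comma-separated items allowed per parameter
MAX_VALUE_LEN = 64   # total characters allowed per parameter value
AIM_LINK = re.compile(r"aim:addbuddy\?[^\s\"'<>]+", re.IGNORECASE)


class HrefCollector(HTMLParser):
    """Collects href targets so links hidden behind link text are inspected."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def check_link(link):
    """Return the reasons an aim:AddBuddy link exceeds the assumed limits."""
    query = link.split("?", 1)[1] if "?" in link else ""
    reasons = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        entries = value.split(",")
        if len(entries) > MAX_ENTRIES:
            reasons.append(f"{name}: {len(entries)} comma-separated entries")
        if len(value) > MAX_VALUE_LEN:
            reasons.append(f"{name}: value length {len(value)}")
    return reasons


def scan_message(body):
    """Map each flagged aim:AddBuddy link in a text/HTML body to its reasons."""
    collector = HrefCollector()
    collector.feed(body)
    candidates = set(AIM_LINK.findall(body)) | {
        h for h in collector.hrefs if h.lower().startswith("aim:addbuddy?")}
    return {c: r for c in candidates if (r := check_link(c))}


# Constructed sample message (not from the advisory): one hidden link with
# 12 entries per parameter, and one ordinary single-buddy link.
NAMES = ",".join("user%d" % i for i in range(12))
SAMPLE = ('<a href="aim:AddBuddy?ScreenName=%s&groupname=%s">my homepage</a> '
          'and aim:AddBuddy?ScreenName=friend1&groupname=Buddies' % (NAMES, NAMES))
if __name__ == "__main__":
    print(scan_message(SAMPLE))
```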


 Source Message Contents

Subject:  Hole in AOL Instant Messenger





Hello all,

This morning I noticed something while playing
around with the aim:AddBuddy hyperlink for AIM.
If you add many characters separated by commas
you can crash the aim when a user clicks it.

An example:

aim:AddBuddy?
ScreenName=InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,I
nterWN,InterWN,InterWN,InterWN,InterWN,InterWN&groupname=Int
erWN,InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,InterWN
,InterWN,InterWN,InterWN,InterWN

It causes an error in OSCORE.DLL, which
then causes Instant Messenger to crash.  If
anyone is willing to work with me to do a
little further research on the problem, just let
me know.

Obviously no one would click that link above,
but you can hide it with the make a link option
aim has in the window.

Thanx a lot.

philer
www.interwn.nl



 
 



Copyright 2021, SecurityGlobal.net LLC