CVE-2005-1891

Description

The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

AOL / aim5.9.3797

References

MISChttp://www.securityfocus.com/bid/13880
MAILING_LISThttp://marc.info/?l=bugtraq&m=111816939928640&w=2
MISChttp://securitytracker.com/id?1014145
MAILING_LISThttp://marc.info/?l=bugtraq&m=111817881214343&w=2