{"cve": [{"lastseen": "2020-10-03T11:36:57", "description": "Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long \"goim\" command.", "edition": 3, "cvss3": {}, "published": "2001-01-09T05:00:00", "title": "CVE-2000-1093", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2000-1093"], "modified": "2017-07-11T01:29:00", "cpe": ["cpe:/a:aol:instant_messenger:2.0_n", "cpe:/a:aol:instant_messenger:2.5.1366", "cpe:/a:aol:instant_messenger:3.5.1808", "cpe:/a:aol:instant_messenger:4.2.1193", "cpe:/a:aol:instant_messenger:3.5.1856", "cpe:/a:aol:instant_messenger:4.0", "cpe:/a:aol:instant_messenger:4.1.2010", "cpe:/a:aol:instant_messenger:3.5.1670", "cpe:/a:aol:instant_messenger:3.5.1635", "cpe:/a:aol:instant_messenger:3.0_n", "cpe:/a:aol:instant_messenger:2.5.1598", "cpe:/a:aol:instant_messenger:3.0.1470"], "id": "CVE-2000-1093", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1093", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:aol:instant_messenger:2.5.1598:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:4.1.2010:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.5.1856:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.5.1808:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.0.1470:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:2.0_n:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.0_n:*:*:*:*:*:*:*", 
"cpe:2.3:a:aol:instant_messenger:2.5.1366:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.5.1670:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:4.2.1193:*:*:*:*:*:*:*", "cpe:2.3:a:aol:instant_messenger:3.5.1635:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2016-02-02T14:25:04", "description": "AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 'aim://' Buffer Overflow Vulnerability. CVE-2000-1093. Remote exploit for windows platform", "published": "2000-12-12T00:00:00", "type": "exploitdb", "title": "AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2000-1093"], "modified": "2000-12-12T00:00:00", "id": "EDB-ID:20510", "href": "https://www.exploit-db.com/exploits/20510/", "sourceData": "source: http://www.securityfocus.com/bid/2118/info\r\n\r\nAOL Instant Messenger (AIM) is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exists a buffer overflow in parsing aim:// URL parameters.\r\n\r\nThis vulnerability exists in versions of AOL Instant previous to Messenger 4.3.2229. By sending a specially crafted URL ,using the 'aim:' protocol, comprised of 'goim' and 'screenname' parameters, it is possible for a remote user to overflow the buffer during a memory copy operation and execute arbitarary code.\r\n\r\nIt should be noted that the victim need only have AIM installed on their machine to be vulnerable. Even if AIM is not running, if a user clicks or otherwise activates a malicious aim:// url, the overflow will occur. Additionally it should be noted that AIM is often included/bundled with Netscape Communicator and possibly other popular software programs.\r\n\r\nSuccessful exploitation of this vulnerability will lead to complete comprimise of the target host. 
\r\n\r\nhref=\"aim:goim? screenname=AAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAA&message=EIP,+the+other+white+meat\" >here</a><br> ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/20510/"}], "cert": [{"lastseen": "2020-09-18T20:44:59", "bulletinFamily": "info", "cvelist": ["CVE-2000-1093", "CVE-2000-1094"], "description": "### Overview \n\n[AOL Instant Messenger (AIM)](<http://www.aim.com>) is an application that allows one peer to communicate with another. A buffer overflow vulnerability exists that can manipulate the configuration of the victim's client.\n\n### Description \n\nAIM installs a URI handler that permits the use of the \"aim:\" protocol on the machine that enables people to post links on their websites, or send them in email messages to friends. For example: \n\n<a href=\"aim:goim?screenname=myname\">Send me an instant message here.</a> \n \nOne can also specify command line options to AIM for when it starts, permitting this vulnerability to be exploited by an application, or trojan. AIM versions 3.5.x and prior contain a buffer overflow. When specifying options using the aim protocol, or the command line, one can trigger a buffer overflow in the client. In addition to crashing the client, an attacker can add arbitrary \"buddies\" to an AIM user's buddy list by a malicious web page or html-based e-mail message. \n \n--- \n \n### Impact \n\nAn attacker can add arbitrary users to the victim's \"buddy\" list, or crash their client. \n \n--- \n \n### Solution \n\n[Upgrade](<http://www.aim.com>) to a version of AIM higher than 3.5.x. 
\n \n--- \n \n### Vendor Information\n\n474592\n\n### AOL Time Warner Affected\n\nNotified: October 17, 2001 Updated: January 28, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23474592 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.atstake.com/research/advisories/2000/a121200-1.txt>\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1093>\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1094>\n\n### Acknowledgements\n\nOur thanks to @stake for the information contained in their advisory.\n\nThis document was written by Jason Rafail.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2000-1094](<http://web.nvd.nist.gov/vuln/detail/CVE-2000-1094>) \n---|--- \n**Severity Metric:** | 4.50 \n**Date Public:** | 2000-12-12 \n**Date First Published:** | 2002-04-05 \n**Date Last Updated: ** | 2002-04-05 21:28 UTC \n**Document Revision: ** | 13 \n", "modified": "2002-04-05T21:28:00", "published": "2002-04-05T00:00:00", "id": "VU:474592", "href": "https://www.kb.cert.org/vuls/id/474592", "type": "cert", "title": "AOL Instant Messenger contains buffer overflows in parsing of AIM URI handler requests", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}