Vulners
Lucene search
AIM-dos.txt
`As all Ascii-Symbols can be displayed in &#XXX; format, where XXX are
numbers from 0-255, AIM seems not to check the XXX for higher values
and some strings above 255 result in aim crashing completly or in part.
E.g. the string ̂ will result in crashing the whole aim, but ̃
will crash only the instant message window (̃ was only tested once
by me).
It will crash the AIM of the attacker too, because AIM displays the string
in the attacker-Instant Message, so the attacker-AIM also tries to convert
it and errors.
There is already an unofficial fix available, which can be downloaded at my
hompage: http://laugh.at/cruz
The fix is an edited ate32.dll, which should be copied to the aim directory.
With it, aim doesnt try to convert "&#XXX;"-type of strings anymore, a
minimum drawback (note: with that fix, the attacker can use this exploit to
crash other unfixed AIMs, but wont crash his/her own AIM).
Affected versions: I tested this only on 3.5+ versions of AIM, but all other
versions are most likely affected too.
-cruz
http://laugh.at/cruz
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Mar 2000 00:00Current
7.4High risk
Vulners AI Score7.4