AOL Instant Messenger %s DoS Vulnerability

AOL Instant Messenger is a real time messaging service for users that are on line.

The version of AOL Instant Messenger that is shipped with Netscape is subject to a denial of service. By transferring a file consisting of an unusual number of '%s' to a remote user running Windows NT or 2000, AOL Instant Messenger will crash when attempting to reveal the filename in the Instant Messenger window. A restart of the application is required in order to gain normal functionality.

Example filename: %s%s%s%s%s%s%s%s%s%s.jpg


 

Privacy Statement
Copyright 2010, SecurityFocus