AIM: Embedded Link Remote Execution
This signature detects attempts to exploit a known vulnerability in AOL Instant Messenger (AIM). Versions 4.8.2790 and earlier are vulnerable. Attackers can embed links in an AOL message that execute commands when selected.
Extended Description
AOL Instant Messenger (AIM) is prone to an issue which may allow attackers to execute arbitrary files on the client system. It is possible to send a malicious link which references local files to a user of the client. When the link is visited, the referenced file on the client's local filesystem will be executed. To exploit this issue, the attacker must know the exact location of the file to be executed. Additionally, there can be no spaces in the path or filename. This limits exploitability, since files must be on the same partition and command line arguments cannot be supplied. Versions other than AOL Instant Messenger 4.8.2790 do not seem to be affected by this vulnerability. The vulnerability was reported for Microsoft Windows versions of the client.
Affected Products
Aol instant_messenger
Short Name
CHAT:AIM:LINK-EXEC
Severity
Minor
Recommended
False
Recommended Action
None
Category
CHAT
Keywords
CVE-2002-1813 Embedded Execution Link Remote bid:6027
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Aol
CVSS Score
2.6