Full Disclosure mailing list archives

-ADVISORY- | x Thu Mar 16 02:49:11 EST 2006 x | Integer Overflow in AOL Client Software

From: jaervosz () gentoo org
Date: Thu, 16 Mar 2006 07:49:17 +0000 (GMT)




-ADVISORY- | x Thu Mar 16 02:49:11 EST 2006 x | Integer Overflow in AOL Client Software




I. DESCRIPTION
AOL Client Software incorrectly parses integer data, and this can be used to execute arbitrary code.

II. WORKAROUND
There was no identified workarounds regarding the vulnerability at hand.
III. VENDOR RESPONSE
AOL Client Software is extended no identified commentary about this problem at hand.
APPENDIX A VENDOR INFORMATION
http://www.aol.com

APPENDIX B REFERENCES
RFC 6920

CONTACT
Sune Kloppenborg Jeppesen jaervosz () gentoo org

CISSP CSFA 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

-ADVISORY- | x Thu Mar 16 02:49:11 EST 2006 x | Integer Overflow in AOL Client Software jaervosz (Mar 16)