The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

• S10 – Denial of Service

EPSS

Score: 0.01414
Percentile: 0.79662

CVSS Scoring

Mapped CWE(s)

• CWE-191 : Integer Underflow (Wrap or Wraparound)

Affected Products

• cpe:2.3:a:aol:aim:*:*:*:*:*:*:*:*

← Back to Home