[Japanese]

JVNDB-2003-000144

IP Messenger for Win Filename Buffer Overflow Vulnerability

Overview

IP Messenger for Win suffers buffer overflow when the user saves an attached file with a long name sent with the message.
CVSS Severity (What is CVSS?)

Base Metrics: 10.0 (High) [NVD Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete

Affected Products


IP Messenger
  • IP Messenger v2.02 and earlier

Impact

An attacker could execute arbitrary code with the privileges of the user running IP Messenger.
Solution

Please refer to the 'Vendor Information' section for official remediation and take appropriate action.
Vendor Information

IP Messenger
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2003-0288
References

  1. National Vulnerability Database (NVD) : CVE-2003-0288
  2. SecurityFocus : 7566
  3. ISS X-Force Database : 11986
Revision History

[2008/05/21]
  Web page published

Date Public2003/05/13
Date First Published2008/05/21
Date Last Updated2008/05/21