[Japanese]

JVNDB-2003-000144

IP Messenger for Win Filename Buffer Overflow Vulnerability

Overview

IP Messenger for Win suffers buffer overflow when the user saves an attached file with a long name sent with the message.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 10.0 (High) [NVD Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products


H.Shirouzu
  • IP Messenger v2.02 and earlier

Impact

An attacker could execute arbitrary code with the privileges of the user running IP Messenger.
Solution

Please refer to the 'Vendor Information' section for official remediation and take appropriate action.
Vendor Information

H.Shirouzu
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2003-0288
References

  1. National Vulnerability Database (NVD) : CVE-2003-0288
  2. SecurityFocus : 7566
  3. ISS X-Force Database : 11986
Revision History

  • [2008/05/21]
      Web page published

Date Public2003/05/13
Date First Published2008/05/21
Date Last Updated2008/05/21