AOL AIM SIPFoundry sipXtapi RTCP Processing Heap Overflow Vulnerability

Affected Vendors

America Online

Affected Products

AIM

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AOL AIM. Successful exploitation requires the victim to accept a Video Messaging session with the attacker.

The specific flaw exists in the SIP protocol implementation library, sipXtapi.dll. If a malformed RTCP sender report packet is sent, a memory corruption occurs due to a signedness error allowing the execution of arbitrary code.

Vendor Response

Fixed in AIM 6.8 client, version 6.8.7.7.

Disclosure Timeline

2007-12-11 - Vulnerability reported to vendor
2008-06-10 - Coordinated public release of advisory

Credit

wushi of team509

Published Advisories

ZDI-10-169: Novell

• published 2010-09-01

ZDI-10-168: Apple

• published 2010-08-31

ZDI-10-167: RealNetworks

• published 2010-08-26

ZDI-10-166: RealNetworks

• published 2010-08-26

ZDI-10-165: Trend Micro

• published 2010-08-25

Upcoming Advisories

Novell

• reported 2010-08-23, 8 days ago

Mozilla Firefox

• reported 2010-08-12, 19 days ago

CA

• reported 2010-08-12, 19 days ago

Apple

• reported 2010-08-12, 19 days ago

Symantec

• reported 2010-07-20, 42 days ago

Recent Press

How Microsoft ranks with the most tardy bug ...

• published 2010-08-05, Network World

HP TippingPoint gives deadline to vendors

• published 2010-08-05, International Business Times

TippingPoint sets six-month deadline for flaw fixes

• published 2010-08-04, V3

HP's Zero Day Initiative Gives Vendors Patching Deadline

• published 2010-08-04, CRN

Researchers Throw Down Vulnerability-Disclosure Gauntlet

• published 2010-08-04, DarkReading