'Critical security hole' found in AOL IM - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
Thread Tools Display Modes
Old 08-11-2004, 10:40 AM   #1 (permalink)
It's all just 1s and 0s
office politics's Avatar
Join Date: Jan 2004
Location: in the lab
Posts: 6,555
Send a message via MSN to office politics
Default 'Critical security hole' found in AOL IM

from http://news.zdnet.co.uk/internet/0,3...9163026,00.htm

"The vulnerability is caused due to a boundary error within the handling of 'Away' messages and can be exploited to cause a stack-based buffer overflow by supplying an overly long 'Away' message (about 1,024 bytes). A malicious Web site can exploit this via the 'aim:' URI handler by passing an overly long argument to the 'goaway?message' parameter," reported Secunia. Secunia described the vulnerability as "highly critical".
office politics is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 10:34 AM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2018, vBulletin Solutions, Inc.