|
|
several from www.sans.org
Advisory ...multiple buffer overflows ...AOL Instant Messenger
...a malicious Web site or e-mail to execute arbitrary code on a user's
system.
AOL Instant Messenger v3.5.1856 contains buffer overflow that
leads to the crashing of the client;
Advisory and exploit that details a bug in the
Messenger/winpopup service in Windows 95/98 has been published. The denial of
service causes the whole system to become unstable and sometimes even
immediately reboot.
A report has surfaced indicating a potential problem in AOL
Instant Messenger (versions 4.1 through 4.4). Due to the way AIM logs data, it
is possible for a malicious user to send a malformed image embedded in a
conversation. While this won't affect the current conversation, it may alter the
log files in such a way that would cause JavaScript/VBScript to be executed when
the user views logs of the conversation
When initiated, it can be a 2-way "trusted" path, thru your
firewall (you do have one?).
jim
|
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
