Bugtraq: America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution

Cross-site remote execution occurs in AOL Instant Messenger AIM 6.0, 6.5, and later versions.
America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution
Dec 21 2007 11:15PM
evanchik gmail com
Sorry for the brief post but I'm still able to bypass filters that AOL has put in place. So again with frustration I come to FD to imply pressure on a company to patch correctly. From reading feedback from AOL they feel the vulnerability is put to bed and requires no more attention.

I am not posting 0day PoC only currently patched examples.

Do not use any AIM 6 or higher client.

old PoC

http://before0day.com/Lists/Posts/Post.aspx?ID=3

references

http://www.wired.com/politics/security/news/2007/12/aim_hack

http://www.pronetworks.org/index.php/software-and-betas-news/847#comment-199

http://talkback.zdnet.com/5208-12691-0.html?forumID=1&threadID=41986&messageID=785355&start=-1

Michael Evanchik

http://before0day.com