FanJ
October 29th, 2002, 04:23 PM
From Kaspersky:
AOL Instant Messenger Vulnerability
AOL Instant Messenger 4.8.2790 has a vulnerability that allows hackers
to remotely attack AIM users by sending messages with "loaded" hypertext
links. When such links are clicked it triggers remotely located code to
run without displaying any warnings to the unsuspecting "clicker".
The ill-intended hypertext link (URL) just points to the name of the
malicious file (appearing at the end of the link) that executes at the
location indicated by the link address.
To avoid any unpleasantries associated with this vulnerability users can
either downgrade to an older version of AIM or upgrade to a newer one
and always exercise caution before clicking on URL hyperlinks.
AOL Instant Messenger Vulnerability
AOL Instant Messenger 4.8.2790 has a vulnerability that allows hackers
to remotely attack AIM users by sending messages with "loaded" hypertext
links. When such links are clicked it triggers remotely located code to
run without displaying any warnings to the unsuspecting "clicker".
The ill-intended hypertext link (URL) just points to the name of the
malicious file (appearing at the end of the link) that executes at the
location indicated by the link address.
To avoid any unpleasantries associated with this vulnerability users can
either downgrade to an older version of AIM or upgrade to a newer one
and always exercise caution before clicking on URL hyperlinks.