AOL IM 'Away' message flaw deemed critical Security hole could allow remote attackers to execute malicious code By Paul Roberts, IDG News Service August 09, 2004
Computer security companies are warning users of America Online Inc.'s Instant Messenger (AIM) software that a serious security hole in the product could allow remote attackers to execute malicious code on computers that run the popular instant messaging software. America Online (AOL) confirmed the existence of the software vulnerability in an AIM feature that allows users to post automatic replies, such as "I'm away" messages, to instant messages (IMs) that they receive. The company is planning to release a test version of the AIM client later this week that will fix the hole, said Andrew Weinstein, an AOL spokesman. < snip > http://www.infoworld.com/article/04/08/09/HNaolimflaw_1.html Vulnerability Analysis: http://www.idefense.com/application/poi/display?id=121&type=vulnerabilities -- You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
