Bugtraq mailing list archives
AIM Arbitrary HTML Display in Notification Window
From: shell () dotshell net
Date: Tue, 11 Sep 2007 20:16:38 -0500 (CDT)
Arbitrary HTML can be readily displayed in notification windows generated by AOL Instant Messenger when the window of origin is not the main focus. This vulnerability is known to be present at least in version 6.1.41.2 (which is the current release). It appears to display any form of HTML-compliant code. More details can be provided on request. Discovery credited to: Shell ( dotshell.net, shell6 () gmail com, shell () dotshell net) Lone (Lone-Matrix.com, Lone () Lone-Matrix com )
Current thread:
- AIM Arbitrary HTML Display in Notification Window shell (Sep 12)