Bugtraq mailing list archives

Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability

From: High Pressure <pressure () gmail com>
Date: Thu, 12 Aug 2004 17:00:29 -0400

If you're running NT/2000/XP, you can delete everything under the key
and make it read-only -- or just deny everyone access to the key.

On Wed, 11 Aug 2004 14:02:50 -0700, Thor Larholm <tlarholm () pivx com> wrote:

Deleting the "HKEY_CLASSES_ROOT\aim" registry key is not a permanent
mitigation but a per-session change that has to be implemented every
time AOL Instant Messenger is instantiated. The reason for this is that
if the HKCR\aim key is missing when AIM is launched AIM will simply
recreate the key and thus the URL protocol.


-- 
Please don't send anything confidential to this address. More info:
http://www.gmail-is-too-creepy.com/

Current thread:

AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability homicidal (Aug 10)
- <Possible follow-ups>
- RE: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability Thor Larholm (Aug 11)
  - Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability High Pressure (Aug 12)