Bugtraq mailing list archives
Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability
From: High Pressure <pressure () gmail com>
Date: Thu, 12 Aug 2004 17:00:29 -0400
If you're running NT/2000/XP, you can delete everything under the key and make it read-only -- or just deny everyone access to the key. On Wed, 11 Aug 2004 14:02:50 -0700, Thor Larholm <tlarholm () pivx com> wrote:
Deleting the "HKEY_CLASSES_ROOT\aim" registry key is not a permanent mitigation but a per-session change that has to be implemented every time AOL Instant Messenger is instantiated. The reason for this is that if the HKCR\aim key is missing when AIM is launched AIM will simply recreate the key and thus the URL protocol.
-- Please don't send anything confidential to this address. More info: http://www.gmail-is-too-creepy.com/
Current thread:
- AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability homicidal (Aug 10)
- <Possible follow-ups>
- RE: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability Thor Larholm (Aug 11)
- Re: AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability High Pressure (Aug 12)