|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA10970] ICQ Predictable File Location Weakness
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Wed Feb 25 2004 - 04:25:20 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
ICQ Predictable File Location Weakness
SECUNIA ADVISORY ID:
SA10970
VERIFY ADVISORY:
http://secunia.com/advisories/10970/
CRITICAL:
Not critical
IMPACT:
WHERE:
From remote
SOFTWARE:
ICQ 1.x
ICQ 2000
ICQ 2001
ICQ 2002
ICQ 2003a
ICQ 99
ICQ Lite
DESCRIPTION:
A weakness has been identified in ICQ, which potentially can be
exploited in combination with known browser vulnerabilities and
functionality to compromise users' systems.
The problem is that ICQ sound scheme (.scm) files creates wave (.wav)
files in the "Sounds" sub folder of the ICQ folder with arbitrary
names. It is possible for malicious websites to control the content
of the wave files.
This can be exploited to place malicious content in a predictable
file on a user's system. Combined with certain known browser
vulnerabilities and functionality, which allows arbitrary files on a
user's system to be read, this may allow execution of script code in
context of the "My Computer" security zone.
This is known to be exploited by the Bizex worm.
NOTE: This issue has been rated "Not critical" because the issue in
itself doesn't pose a security risk unless e.g. combined with the
vulnerabilities and inappropriate functionality in Internet
Explorer.
For more information:
SA10523
SOLUTION:
Disable active scripting support in Internet Explorer for all zones
including "My Computer" and enable it only for trusted sites.
PROVIDED AND/OR DISCOVERED BY:
This appears to be the same issue as reported by Jelmer in 2002.
OTHER REFERENCES:
SA10523:
http://secunia.com/advisories/10523/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]