Wednesday, 18 July 2007

Critical Trillian, Yahoo IM Flaws Revealed

 

 

Researchers in the US have revealed remotely exploitable vulnerabilities in two widely used instant messaging platforms.

The flaws were detected by researchers Billy Rios, Nate McFeters, and Raghav Dube. "It’s time we showed another example of how dangerous these URI handler vulnerabilities can be," said the trio, detailing the flaws on the xs-sniper.com website.

The first flaw is due to an input validation error in the "ini=" parameter supplied via "aim://" URIs. According to Secunia, a remote attacker could exploit the vulnerability to take control of a targeted system.

Secunia, the Denmark-based security firm, said the second vulnerability occurs within the processing of "aim://" URIs in the aim.dll plugin. Attackers can exploit the flaw by tricking a user into following a specially crafted "aim://" URI file.

Secunia ranked the flaws, both of which exist in Trillian Basic 3.1.6.0, as "highly critical," meaning that they can be exploited from a remote location.

Another researcher, Rajesh Sethumadhavan, released proof-of-concept buffer overflow exploit code for a flaw in Yahoo Messenger version 8.1. The code can be used for a DoS attack when Yahoo loads a specially crafted address book entry.

Sethumadhavan said that the flaw was discovered on April 10.

An attacker can take advantage of the flaw by sending a specially crafted address and using a social engineering attack to get a victim to place the mouse over the imported address.

 
 
Copyright © 2008 SDA Asia Magazine - All Rights Reserved