Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our specialty !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Yahoo! Messenger "addview" function allows for the

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
thedark
Second Lieutenant


Joined: 30 Jul 2005
Posts: 1074

PostPosted: Sat Jul 30, 2005 2:43 pm    Post subject: Yahoo! Messenger "addview" function allows for the Reply with quote
A vulnerability exists in the Yahoo! Messenger "addview" function that permits a remote attacker to execute arbitrary script and HTML in the Internet security zone of the local machine. The "addview" function is only supposed to accept view information from Yahoo! servers. However, an attacker can send malicious script and HTML to the client using the Yahoo! URL redirection service. This script or HTML is interpreted by the Yahoo! Messenger client and is displayed in the client's web browser.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group