Vulnerability: ICQ Sound Scheme Predictable File Location
Results 1 to 2 of 2

Thread: Vulnerability: ICQ Sound Scheme Predictable File Location

  1. #1
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001

    Exclamation Vulnerability: ICQ Sound Scheme Predictable File Location

    ICQ is an instant messenger client for Microsoft Windows systems. ICQ includes support for sound schemes. ICQ sound scheme files are generally given the .scm extension.

    When installed, a sound scheme places a number of wav sound files in a predictable location within the installation directory of ICQ.

    An attacker may exploit this vulnerability to place malicious content in a known location. A URL reference to the file may then cause malicious content or code to be executed within local context.

    Remote: Yes

    Exploit: An exploit has been provided by "Jelmer" . This exploit will run arbitrary code on vulnerable systems, and should be treated appropriately.

  2. #2
    Senior Member
    Join Date
    Jun 2002
    could you explain in more detail how this works?
    like, is that link dangerous or what?
    Hmm...theres something a little peculiar here. Oh i see what it is! the sentence is talking about itself! do you see that? what do you mean? sentences can\'t talk! No, but they REFER to things, and this one refers directly-unambigeously-unmistakably-to the very sentence which it is!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts