I suspect this bug is also exploitable from HTML email by including the magic ICQ URL in an <IFRAME> tag embedded in the message.

Richard

-----Original Message-----
From: AreS [mailto:ares@security-downloads.com]
Sent: Wednesday, August 22, 2001 6:14 PM
To: BUGTRAQat_private
Subject: Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users

Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users

Topic: ICQ Forced Auto-Add Users
Announced: 2001-08-17
Affects: ICQ 200x* up to 2001a Alpha

DISCLAIMER:
***********
THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE INFORMATION BELOW IS 100% CORRECT. THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT PRIOR NOTICE.

I. Problem Description
**********************
ICQ is a popular and free chat program, with over 108,022,319 users all over the world. When ICQ is installed, it adds a Content-Type to Microsoft Internet Exploder, the "application/x-icq" type. When IE receives "Content-Type: application/x-icq" from a web server and following content:
This archive was generated by hypermail 2b30 : Fri Aug 24 2001 - 10:54:12 PDT