Saturday, January 20, 2007

MOAB-20-01-2007: Apple iChat aim:// URL Handler Format String Vulnerability

Apple iChat AIM URI scheme handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution.
Further information:

1 comment:

drama said...

Thanks for telling me about RCDefaultApp

Not only can I use this for the workaround, but I can get rid of that damn applescript url handler too, which I think is absolutley unnecessary to have.