7 lines
No EOL
625 B
Text
7 lines
No EOL
625 B
Text
source: http://www.securityfocus.com/bid/5239/info
|
|
|
|
ICQ is an instant messenger client for Microsoft Windows systems. ICQ includes support for sound schemes. ICQ sound scheme files are generally given the .scm extension.
|
|
|
|
Reportedly, it is possible for a remote party to modify sound settings in ICQ by forcing a vulnerable user to access a blank .scm file. Allegedly, this may be done if the user views maliciously formatted HTML under some browsers. The HTML must reference a sound scheme file within an IFRAME tag.
|
|
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/21618.scm |