In association with heise online

22 January 2007, 11:23

Code smuggled in through Apple's iChat

The initiators of the Month of Apple Bugs (MOAB) have made public a hole in Apple's iChat that attackers could use to cause the application to crash or inject code into it when manipulated websites are visited. The Instant Messenger application contains a format string vulnerability in the processing of AIM-URLs (addresses for AOL's Instant Messenger protocol).

Attackers could use simple HTML anchors to exploit this hole. A demonstration page shows automation using JavaScript, but the flaw can also be exploited without user interaction if Flash is used. In the security advisory, the initiators of MOAB recommended disabling the aim:// URL handler via RCDefaultApp until an update has been made available.

Another flaw related to the handling of URLs concerns the application up to and including version 3.5.5. In some cases, the application may not reserve enough memory for the address if it is to access a server via SFTP. MOAB's security advisory says that the result is a buffer overflow that can be exploited. They recommend disabling the URL handler for ftps:// via RCDefaultApp as a workaround.
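The two bug classes described above, shown in their corrected form as an added C illustration. It is not taken from the MOAB advisories or from either application's code, and the function names and sample URLs are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable pattern (comment only, never compiled):
 *     snprintf(out, outlen, url);      // url is parsed as the format string
 * Conversion specifiers inside url (%x, %n, ...) are then interpreted
 * by the formatting code instead of being treated as text. */

/* Fixed-size variant: constant format, URL passed as data, truncation reported. */
int format_fixed(char *out, size_t outlen, const char *url)
{
    int n = snprintf(out, outlen, "Opening %s", url);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Heap variant: measure first, then reserve exactly what the address needs. */
char *build_open_message(const char *url)
{
    int need = snprintf(NULL, 0, "Opening %s", url);   /* length without NUL */
    if (need < 0)
        return NULL;
    char *buf = malloc((size_t)need + 1);
    if (buf == NULL)
        return NULL;
    snprintf(buf, (size_t)need + 1, "Opening %s", url);
    return buf;
}

int main(void)
{
    /* Constructed sample URLs, not taken from the advisories. */
    const char *hostile = "aim://x?msg=%x%x%n";
    char small[16];
    char *msg = build_open_message(hostile);
    if (msg == NULL)
        return 1;
    puts(msg);                       /* specifiers appear literally */
    free(msg);
    if (format_fixed(small, sizeof small, "ftps://host/a/very/long/path") != 0)
        puts("address too long for fixed buffer, rejected");
    return 0;
}
```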
