AOH :: Internet :: TB12498.HTM

AIM Arbitrary HTML Display in Notification Window

AIM Arbitrary HTML Display in Notification Window
AIM Arbitrary HTML Display in Notification Window


Arbitrary HTML can be readily displayed in notification windows generated
by AOL Instant Messenger when the window of origin is not the main focus.
This vulnerability is known to be present at least in version 6.1.41.2
(which is the current release). It appears to display any form of
HTML-compliant code. More details can be provided on request.

Discovery credited to:
Shell ( dotshell.net, shell6@gmail.com, shell@dotshell.net) 
Lone (Lone-Matrix.com, Lone@Lone-Matrix.com )

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.