Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

ICQ Predictable File Location Weakness

Feb 24, 2004 11:37PM PST

Secunia Advisory: SA10970
Release Date: 2004-02-25
Critical: Not critical
Impact:
Where: From remote

Software: ICQ 1.x
ICQ 2000
ICQ 2001
ICQ 2002
ICQ 2003a
ICQ 99
ICQ Lite

Description:
A weakness has been identified in ICQ, which potentially can be exploited in combination with known browser vulnerabilities and functionality to compromise users' systems.

The problem is that ICQ sound scheme (.scm) files creates wave (.wav) files in the "Sounds" sub folder of the ICQ folder with arbitrary names. It is possible for malicious websites to control the content of the wave files.

This can be exploited to place malicious content in a predictable file on a user's system. Combined with certain known browser vulnerabilities and functionality, which allows arbitrary files on a user's system to be read, this may allow execution of script code in context of the "My Computer" security zone.

This is known to be exploited by the Bizex worm.

NOTE: This issue has been rated "Not critical" because the issue in itself doesn't pose a security risk unless e.g. combined with the vulnerabilities and inappropriate functionality in Internet Explorer.Solution:
Disable active scripting support in Internet Explorer for all zones including "My Computer" and enable it only for trusted sites.

Solution:
Disable active scripting support in Internet Explorer for all zones including "My Computer" and enable it only for trusted sites.

http://secunia.com/advisories/10970/

Discussion is locked