Qqlan

**Name of the Vulnerable Software and Affected Versions** ICQ Client versions 5.04 build 2321 and earlier **Description** A Cross-Application Scripting (XAS) issue allows remote attackers to inject arbitrary web script from one application into another via a banner. This banner is processed in the My Computer zone using the Internet Explorer COM object. **Recommendations** For ICQ Client versions 5.04 build 2321 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.