PT-2006-5446 · Aol+1 · Aol Icq Toolbar+1

Ezequiel Gutesman

Published

2006-09-09

Updated

2018-10-17

CVE-2006-4661

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions AOL ICQ Toolbar version 1.3 for Internet Explorer

Description The issue arises from improper validation of the origin of the configuration web page, specifically options2.html, which can be exploited by remote attackers to trick users into reconfiguring the toolbar by presenting disguised checkboxes.

Recommendations For AOL ICQ Toolbar version 1.3, consider restricting access to the configuration web page options2.html until a proper fix is applied to prevent reconfiguration by disguised checkboxes.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4661

Affected Products

Aol Icq Toolbar

Internet Explorer

PT-2006-5446 · Aol+1 · Aol Icq Toolbar+1

CVE-2006-4661

Related Identifiers

Affected Products

References · 8