QQLan QQlan (at) yandex (dot) ru [email concealed] reported vulnerability in multiple versions of ICQ Inc.' ICQ instant messenger client in a way it interacts with Microsoft Internet Explorer.
Author: QQlan <QQlan (at) yandex (dot) ru [email concealed]> Title: ICQ Client Cross-Application Scripting (XAS) Vendor: ICQ Inc. Application: ICQ Versions: up to and including 5.04 build 2321 Vulnerability class: man-in-the-middle, against client Vulnerability type: cross application scripting (My Computer zone) Risk level: low (high, if unsecured shared network is used)