2002-05-03 04:00:00
mitre
PUBLISHED
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ users contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer.