Apple iChat AIM URL Handler Remote Format String Vulnerability

Apple iChat AIM URL Handler Remote Format String Vulnerability

Apple iChat is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers.

Apple iChat version 3.1.6 (v441) is reported vulnerable; other versions may also be affected.