RSS   Vulnerabilities for 'ICQ'   RSS

2011-01-18
 
CVE-2011-0487

CWE-94
 

 
ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism.

 
2009-06-04
 
CVE-2009-1915

CWE-119
 

 
Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.

 

 >>> Vendor: ICQ 4 Products
Activelist server
Mirabilis icq
Icq toolbar
ICQ


Copyright 2020, cxsecurity.com

 

Back to Top