Vulnerabilities > CVE-2003-0236 - Integer Overflow vulnerability in Mirabilis ICQ POP3 Client Subject Field Signed
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | ICQ_VULNS.NASL |
description | There are multiple flaws in versions of ICQ before 2003b, including some that may allow an attacker to execute arbitrary code on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11572 |
published | 2003-05-05 |
reporter | This script is Copyright (C) 2003-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/11572 |
title | ICQ < 2003b Multiple Vulnerabilities |
code |
|
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html
- http://marc.info/?l=bugtraq&m=105216842131995&w=2
- http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10
- http://www.securityfocus.com/bid/7462
- http://www.securityfocus.com/bid/7463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11939