Moderate

CVE-2003-0238 - Unspecified vulnerability in Mirabilis ICQ

Publication: 2003-05-27
Summary

The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag.

Risk level (CVSS 5)

Moderate

5.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Mirabilis ICQ 99a_2.15build1701
  • Mirabilis ICQ 2003a_build3800
  • Mirabilis ICQ 2000.0a
  • Mirabilis ICQ 2000.0b_build3278
  • Mirabilis ICQ 2001a
  • Mirabilis ICQ 2001b_build3636
  • Mirabilis ICQ 99a_2.21build1800
  • Mirabilis ICQ 2001b_build3659
  • Mirabilis ICQ 2002a_build3722
  • Mirabilis ICQ 2002a_build3727
  • Mirabilis ICQ 2003a_build3777
  • Mirabilis ICQ 2003a_build3799
  • Mirabilis ICQ 2001b_build3638