Vulnerabilities > CVE-2006-0765 - Unspecified vulnerability in Mirabilis ICQ and ICQ Lite

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

mirabilis

NVD

Published: 2006-02-18

Updated: 2018-10-19

Summary

GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs.

Vulnerable Configurations

Part	Description	Count
Application	Mirabilis Mirabilis ICQ 2003A Mirabilis ICQ 2003B Mirabilis ICQ Lite 4.0 Mirabilis ICQ Lite 4.1	4

References

http://www.securityfocus.com/archive/1/425078/100/0/threaded
http://www.securityfocus.com/bid/16655