Vulnerabilities > Mirabilis
|2006-11-04||CVE-2006-5724|| Denial-Of-Service vulnerability in Mirabilis ICQ 2003Bbuild3916 |
Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key.
| 2.1 |
|2006-09-09||CVE-2006-4662|| Remote Heap Buffer Overflow vulnerability in ICQ MCRegEx__Search |
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
| 7.5 |
|2006-05-11||CVE-2006-2303|| Unspecified vulnerability in Mirabilis ICQ 5.04Build2321 |
Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object.
| 6.4 |
|2006-02-18||CVE-2006-0766|| Unspecified vulnerability in Mirabilis ICQ and ICQ Lite |
| 5.1 |
|2006-02-18||CVE-2006-0765|| Unspecified vulnerability in Mirabilis ICQ and ICQ Lite |
GUI display truncation vulnerability in ICQ Inc.
| 5.1 |
|2005-11-02||CVE-2005-3433|| Remote Security vulnerability in ICQ |
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields.
| 5.1 |
|2003-09-22||CVE-2003-0769|| Cross-Site Scripting vulnerability in Mirabilis ICQ 2003Abuild3777/2003Abuild3799/2003Abuild3800 |
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field.
| 4.3 |
|2003-05-27||CVE-2003-0239|| Denial Of Service vulnerability in Mirabilis ICQ GIF Parsing |
icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor.
| 5.0 |
|2003-05-27||CVE-2003-0238|| Denial Of Service vulnerability in Mirabilis ICQ Message Session Window |
The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag.
| 5.0 |
|2003-05-27||CVE-2003-0237|| Remote Command Execution vulnerability in Mirabilis ICQ Features On Demand |
The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
| 7.5 |