CVSS: 9.8EPSS: 13%CPEs: 19EXPL: 0CVE-2006-4662
https://notcve.org/view.php?id=CVE-2006-4662
09 Sep 2006 — Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. Desbordamiento de búfer basado en montón en la función MCRegEx__Search en AOL ICQ Pro 2003b Build 3916 y anteriores permiten a un atacanet remoto ejecutar código de su elección a través de un campo grnde inconsistente de un mensaje en un tipo 0x2711 Type-Length-Value (TL... • http://secunia.com/advisories/21834 •
CVSS: 9.8EPSS: 1%CPEs: 13EXPL: 0CVE-2003-0235
https://notcve.org/view.php?id=CVE-2003-0235
07 May 2003 — Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. Vulnerabilidad en formateado de cadenas en cliente POP3 para Mirabilis ICQ Pro 2003a permite que servidores remotos maliciosos ejecuten código arbitrario mediante cadenas formateadas en la respuesta a un comando UIDL. • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html •
CVSS: 9.8EPSS: 3%CPEs: 13EXPL: 0CVE-2003-0236
https://notcve.org/view.php?id=CVE-2003-0236
07 May 2003 — Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. Error en las signaturas de enteros en cliente POP3 para Mirabilis ICQ Pro 2003a permite que atacantes remotos ejecuten código arbitrario mediante los encabezamientos "Subject" o "Date". • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2003-0237
https://notcve.org/view.php?id=CVE-2003-0237
07 May 2003 — The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. La funcionalidad "ICQ Features on Demand" en Mirabilis ICQ Pro 2003a no verifica adecuadamente la autenticidad de las actualizaciones software, lo que permitiría a atacantes remotos instalar software arbitrario. • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2003-0238
https://notcve.org/view.php?id=CVE-2003-0238
07 May 2003 — The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag. La ventana "Message Session" en Mirabilis ICQ Pro 2003a permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) simulando la dirección de un servidor ADS y enviando HTML con un -1 en el campo anchura de una tabla. • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html •
CVSS: 6.2EPSS: 1%CPEs: 13EXPL: 0CVE-2003-0239
https://notcve.org/view.php?id=CVE-2003-0239
07 May 2003 — icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. La librería de parseo icqateimg32.dll en Mirabilis ICQ Pro 2003a permite que atacantes remotos provoquen una denegación de servicio mediante encabezamientos GIF89z mal formados que no contienen una GCT (Tabla de Color Global) o una LCT (Tabla de Color Local... • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2002-2075
https://notcve.org/view.php?id=CVE-2002-2075
31 Dec 2002 — ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0295.html •
CVSS: 9.8EPSS: 12%CPEs: 5EXPL: 0CVE-2002-0028
https://notcve.org/view.php?id=CVE-2002-0028
27 Feb 2002 — Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request. • http://marc.info/?l=bugtraq&m=101043894627851&w=2 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2001-1305
https://notcve.org/view.php?id=CVE-2001-1305
17 Aug 2001 — ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. • http://marc.info/?l=bugtraq&m=99851887024728&w=2 •