CVSS: 7.5EPSS: 35%CPEs: 19EXPL: 0CVE-2006-4662
https://notcve.org/view.php?id=CVE-2006-4662
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. Desbordamiento de búfer basado en montón en la función MCRegEx__Search en AOL ICQ Pro 2003b Build 3916 y anteriores permiten a un atacanet remoto ejecutar código de su elección a través de un campo grnde inconsistente de un mensaje en un tipo 0x2711 Type-Length-Value (TLV). • http://secunia.com/advisories/21834 http://securityreason.com/securityalert/1530 http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1509 http://www.kb.cert.org/vuls/id/400780 http://www.securityfocus.com/archive/1/445513/100/0/threaded http://www.securityfocus.com/bid/19897 http://www.vupen.com/english/advisories/2006/3527 https://exchange.xforce.ibmcloud.com/vulnerabilities/28835 •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2006-0765
https://notcve.org/view.php?id=CVE-2006-0765
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs. • http://www.securityfocus.com/archive/1/425078/100/0/threaded http://www.securityfocus.com/bid/16655 •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2006-0766
https://notcve.org/view.php?id=CVE-2006-0766
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs. • http://www.securityfocus.com/archive/1/425078/100/0/threaded http://www.securityfocus.com/bid/16655 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3433
https://notcve.org/view.php?id=CVE-2005-3433
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. • http://marc.info/?l=bugtraq&m=113063323109149&w=2 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2003-0769 – ICQ 2003 - Webfront Guestbook Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2003-0769
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en libro de invitados de ICQ Web Front (guestbook.html) permite a atacantes remotos insertar script web arbitrario y HTML mediante el campo de mensaje. • https://www.exploit-db.com/exploits/23120 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0769 •