3 results (0.008 seconds)

CVSS: 7.5EPSS: 35%CPEs: 19EXPL: 0

Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. Desbordamiento de búfer basado en montón en la función MCRegEx__Search en AOL ICQ Pro 2003b Build 3916 y anteriores permiten a un atacanet remoto ejecutar código de su elección a través de un campo grnde inconsistente de un mensaje en un tipo 0x2711 Type-Length-Value (TLV). • http://secunia.com/advisories/21834 http://securityreason.com/securityalert/1530 http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1509 http://www.kb.cert.org/vuls/id/400780 http://www.securityfocus.com/archive/1/445513/100/0/threaded http://www.securityfocus.com/bid/19897 http://www.vupen.com/english/advisories/2006/3527 https://exchange.xforce.ibmcloud.com/vulnerabilities/28835 •

CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 0

Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045916.html http://secunia.com/advisories/20010 http://securityreason.com/securityalert/868 http://securitytracker.com/id?1016045 http://www.securityfocus.com/archive/1/433360/100/0/threaded http://www.securityfocus.com/bid/17913 http://www.vupen.com/english/advisories/2006/1765 https://exchange.xforce.ibmcloud.com/vulnerabilities/26386 •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0218.html •