CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2000-1078 – Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2000-1078
29 Nov 2000 — ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character. • https://www.exploit-db.com/exploits/20071 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2000-0564
https://notcve.org/view.php?id=CVE-2000-0564
29 May 2000 — The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0218.html •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2000-0046 – Mirabilis ICQ 0.99b 1.1.1.1/3.19 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0046
10 Jan 2000 — Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. • https://www.exploit-db.com/exploits/19724 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1418
https://notcve.org/view.php?id=CVE-1999-1418
01 May 1999 — ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). • http://www.securityfocus.com/archive/1/13508 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0474
https://notcve.org/view.php?id=CVE-1999-0474
05 Apr 1999 — The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0474 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1440
https://notcve.org/view.php?id=CVE-1999-1440
01 Jan 1999 — Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. • http://marc.info/?l=bugtraq&m=91522424302962&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1289
https://notcve.org/view.php?id=CVE-1999-1289
11 Nov 1998 — ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. • http://www.securityfocus.com/archive/1/11233 •