CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-1904
https://notcve.org/view.php?id=CVE-2007-1904
10 Apr 2007 — Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation. Vulnerabilidad de salto de directorio en AOL Instant Messenger (AIM) 5.9 y anteriores, e ICQ 5.1 y probablemente anteriores permite a atacantes remotos con la complicidad del usuario mediante secuencias .. (punto punto) en un nombre de fichero en una operac... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=508 •
CVSS: 9.8EPSS: 79%CPEs: 1EXPL: 2CVE-2006-5650 – America Online ICQ ActiveX Control Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-5650
06 Nov 2006 — The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar. El control ActiveX ICQPhone.SipxPhoneManager en America Online ICQ 5.1 permite a atacantes remotos bajar y ejecutar código de su elección mediante la función DownloadAgent, como ha sido demostrado usando un avatar ICQ. This vulnerability allows attackers to execute arbitrary code on vulnerable installations... • https://www.exploit-db.com/exploits/28916 •
CVSS: 9.8EPSS: 13%CPEs: 19EXPL: 0CVE-2006-4662
https://notcve.org/view.php?id=CVE-2006-4662
09 Sep 2006 — Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. Desbordamiento de búfer basado en montón en la función MCRegEx__Search en AOL ICQ Pro 2003b Build 3916 y anteriores permiten a un atacanet remoto ejecutar código de su elección a través de un campo grnde inconsistente de un mensaje en un tipo 0x2711 Type-Length-Value (TL... • http://secunia.com/advisories/21834 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2000-0564
https://notcve.org/view.php?id=CVE-2000-0564
29 May 2000 — The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0218.html •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2000-0046 – Mirabilis ICQ 0.99b 1.1.1.1/3.19 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0046
10 Jan 2000 — Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. • https://www.exploit-db.com/exploits/19724 •