CVE-2006-5724
https://notcve.org/view.php?id=CVE-2006-5724
Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key. Desbordamiento de búfer basado en pila en la función "Answering Service" en ICQ 2003b construcción 3916 permite a un usuario local provocar denegación de servicio (caida de aplicación) a través de una cadena larga en el valor "AwayMsg Presets" en la linea de registro: ICQ\ICQPro\DefaultPrefs\Presets. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050461.html http://securityreason.com/securityalert/1818 https://exchange.xforce.ibmcloud.com/vulnerabilities/29933 •
CVE-2006-4662
https://notcve.org/view.php?id=CVE-2006-4662
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. Desbordamiento de búfer basado en montón en la función MCRegEx__Search en AOL ICQ Pro 2003b Build 3916 y anteriores permiten a un atacanet remoto ejecutar código de su elección a través de un campo grnde inconsistente de un mensaje en un tipo 0x2711 Type-Length-Value (TLV). • http://secunia.com/advisories/21834 http://securityreason.com/securityalert/1530 http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1509 http://www.kb.cert.org/vuls/id/400780 http://www.securityfocus.com/archive/1/445513/100/0/threaded http://www.securityfocus.com/bid/19897 http://www.vupen.com/english/advisories/2006/3527 https://exchange.xforce.ibmcloud.com/vulnerabilities/28835 •
CVE-2006-0765
https://notcve.org/view.php?id=CVE-2006-0765
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs. • http://www.securityfocus.com/archive/1/425078/100/0/threaded http://www.securityfocus.com/bid/16655 •
CVE-2006-0766
https://notcve.org/view.php?id=CVE-2006-0766
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs. • http://www.securityfocus.com/archive/1/425078/100/0/threaded http://www.securityfocus.com/bid/16655 •
CVE-2005-3433
https://notcve.org/view.php?id=CVE-2005-3433
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. • http://marc.info/?l=bugtraq&m=113063323109149&w=2 •