Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0235


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0235
Last Modified 05 Sep 2008 04:33:49
Published 27 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.

Vulnerable Systems


  • Mirabilis Icq 2000.0a

  • Mirabilis Icq 2000.0b Build3278

  • Mirabilis Icq 2001a

  • Mirabilis Icq 2001b Build3636

  • Mirabilis Icq 2001b Build3638

  • Mirabilis Icq 2001b Build3659

  • Mirabilis Icq 2002a Build3722

  • Mirabilis Icq 2002a Build3727

  • Mirabilis Icq 2003a Build3777

  • Mirabilis Icq 2003a Build3799

  • Mirabilis Icq 2003a Build3800

  • Mirabilis Icq 99a 2.15build1701

  • Mirabilis Icq 99a 2.21build1800


BID - 7461


VULNWATCH - 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client

XF - icq-pop3-format-string(11938)

Last Updated: 27 May 2016 10:37:50