Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0235

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0235
Last Modified 05 Sep 2008 04:33:49
Published 27 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0235

Summary

Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.

Vulnerable Systems

Application

  • Mirabilis Icq 2000.0a

  • Mirabilis Icq 2000.0b Build3278

  • Mirabilis Icq 2001a

  • Mirabilis Icq 2001b Build3636

  • Mirabilis Icq 2001b Build3638

  • Mirabilis Icq 2001b Build3659

  • Mirabilis Icq 2002a Build3722

  • Mirabilis Icq 2002a Build3727

  • Mirabilis Icq 2003a Build3777

  • Mirabilis Icq 2003a Build3799

  • Mirabilis Icq 2003a Build3800

  • Mirabilis Icq 99a 2.15build1701

  • Mirabilis Icq 99a 2.21build1800


References

BID - 7461

MISC - http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10

VULNWATCH - 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client

XF - icq-pop3-format-string(11938)


Last Updated: 27 May 2016 10:37:50