Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0236

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0236
Last Modified 05 Sep 2008 04:33:49
Published 27 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0236

Summary

Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.

Vulnerable Systems

Application

  • Mirabilis Icq 2000.0a

  • Mirabilis Icq 2000.0b Build3278

  • Mirabilis Icq 2001a

  • Mirabilis Icq 2001b Build3636

  • Mirabilis Icq 2001b Build3638

  • Mirabilis Icq 2001b Build3659

  • Mirabilis Icq 2002a Build3722

  • Mirabilis Icq 2002a Build3727

  • Mirabilis Icq 2003a Build3777

  • Mirabilis Icq 2003a Build3799

  • Mirabilis Icq 2003a Build3800

  • Mirabilis Icq 99a 2.15build1701

  • Mirabilis Icq 99a 2.21build1800


References

BID - 7463

BID - 7462

MISC - http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10

VULNWATCH - 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client

XF - icq-pop3-email-bo(11939)


Last Updated: 27 May 2016 10:37:50