Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1915

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-1915
Last Modified 12 Jun 2009 01:27:03
Published 04 Jun 2009 01:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1915

Summary

Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.

Vulnerable Systems

Application

  • Icq 6.5


References

XF - icq-icqtoolbar-bo(50858)

BID - 35150

BUGTRAQ - 20090530 ICQ 6.5 URL Search Hook/ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow poc

MILW0RM - 8832

OSVDB - 54893


Last Updated: 27 May 2016 10:50:43