Filtered by vendor Mirabilis
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5724 | 1 Mirabilis | 1 Icq | 2025-04-09 | N/A |
| Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key. | ||||
| CVE-2002-0254 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails. | ||||
| CVE-2003-0235 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | ||||
| CVE-2003-0236 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. | ||||
| CVE-2003-0237 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. | ||||
| CVE-2006-4662 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | ||||
| CVE-2006-2303 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object. | ||||
| CVE-2006-0766 | 1 Mirabilis | 2 Icq, Icq Lite | 2025-04-03 | N/A |
| ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs. | ||||
| CVE-2005-3433 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. | ||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2025-04-03 | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | ||||
| CVE-2002-1773 | 1 Mirabilis | 1 Icq For Macos X | 2025-04-03 | N/A |
| Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request. | ||||
| CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | ||||
| CVE-2001-1305 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. | ||||
| CVE-1999-0474 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. | ||||
| CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2025-04-03 | N/A |
| Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | ||||
| CVE-2000-0046 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. | ||||
| CVE-2000-1078 | 1 Mirabilis | 1 Icq Web Front | 2025-04-03 | N/A |
| ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character. | ||||
| CVE-2001-0367 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters. | ||||
| CVE-2003-0239 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. | ||||
| CVE-2003-0769 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. | ||||