CVE-2003-0237

The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*

History

No history.

Information

Published : 2003-05-27 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2003-0237

Mitre link : CVE-2003-0237

CVE.ORG link : CVE-2003-0237


JSON object : View

Products Affected

mirabilis

  • icq