CVE-2003-0237

The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*

History

20 Nov 2024, 23:44

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html - () http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html -
References () http://marc.info/?l=bugtraq&m=105216842131995&w=2 - () http://marc.info/?l=bugtraq&m=105216842131995&w=2 -
References () http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 - Vendor Advisory () http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 - Vendor Advisory
References () http://www.securityfocus.com/bid/7464 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/7464 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/11944 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/11944 -

Information

Published : 2003-05-27 04:00

Updated : 2024-11-20 23:44


NVD link : CVE-2003-0237

Mitre link : CVE-2003-0237

CVE.ORG link : CVE-2003-0237


JSON object : View

Products Affected

mirabilis

  • icq