Filtered by vendor Mirabilis
Subscribe
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2024-02-28 | 5.0 MEDIUM | N/A |
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||
CVE-2003-0237 | 1 Mirabilis | 1 Icq | 2024-02-28 | 7.5 HIGH | N/A |
The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. | |||||
CVE-2001-1305 | 1 Mirabilis | 1 Icq | 2024-02-28 | 5.0 MEDIUM | N/A |
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. | |||||
CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2024-02-28 | 5.0 MEDIUM | N/A |
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||||
CVE-2003-0769 | 1 Mirabilis | 1 Icq | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. | |||||
CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2024-02-28 | 5.1 MEDIUM | N/A |
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | |||||
CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2024-02-28 | 5.0 MEDIUM | N/A |
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. |