Test Kennung:	1.3.6.1.4.1.25623.1.0.800808
Kategorie:	Buffer overflow
Titel:	ICQ 'ICQToolBar.dll' Buffer Overflow Vulnerability
Zusammenfassung:	ICQ is prone to a stack-based buffer overflow vulnerability.
Beschreibung:	Summary: ICQ is prone to a stack-based buffer overflow vulnerability. Vulnerability Insight: Error due to improper bounds checking by the ICQToolBar.dll and this can be caused via an Internet shortcut .URL file containing a long URL parameter, when browsing a folder that contains this file. Vulnerability Impact: An attacker may leverage this issue by execute arbitrary code and buffer overflow in the context of affected system, and can cause the application to crash (persistent). Affected Software/OS: ICQ version 6.5 on Windows Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1915 BugTraq ID: 35150 http://www.securityfocus.com/bid/35150 Bugtraq: 20090530 ICQ 6.5 URL Search Hook/ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow poc (Google Search) http://www.securityfocus.com/archive/1/503935/100/0/threaded https://www.exploit-db.com/exploits/8832 http://osvdb.org/54893 XForce ISS Database: icq-icqtoolbar-bo(50858) https://exchange.xforce.ibmcloud.com/vulnerabilities/50858
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.