ID de Prueba:	1.3.6.1.4.1.25623.1.0.800808
Categoría:	Buffer overflow
Título:	ICQ 'ICQToolBar.dll' Buffer Overflow Vulnerability
Resumen:	ICQ is prone to a stack-based buffer overflow vulnerability.
Descripción:	Summary: ICQ is prone to a stack-based buffer overflow vulnerability. Vulnerability Insight: Error due to improper bounds checking by the ICQToolBar.dll and this can be caused via an Internet shortcut .URL file containing a long URL parameter, when browsing a folder that contains this file. Vulnerability Impact: An attacker may leverage this issue by execute arbitrary code and buffer overflow in the context of affected system, and can cause the application to crash (persistent). Affected Software/OS: ICQ version 6.5 on Windows Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1915 BugTraq ID: 35150 http://www.securityfocus.com/bid/35150 Bugtraq: 20090530 ICQ 6.5 URL Search Hook/ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow poc (Google Search) http://www.securityfocus.com/archive/1/503935/100/0/threaded https://www.exploit-db.com/exploits/8832 http://osvdb.org/54893 XForce ISS Database: icq-icqtoolbar-bo(50858) https://exchange.xforce.ibmcloud.com/vulnerabilities/50858
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.