AOL Time Warner Information for VU#570167

ICQ contains a buffer overflow while processing Voice Video & Games feature requests

Status

Affected

Vendor Statement

See http://web.icq.com/help/quickhelp/1,,117,00.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There is currently no patch available for the ICQ plug-in for 2001B or versions of the ICQ client prior to 2001B. All users should upgrade to version 2001B Beta v5.18 Build #3659, who's installer will delete the vulnerable plug-in. In addition access to the vulnerable plug-in will be disabled for users with versions of 2001B prior to Beta v5.18 Build #3659 who login to the server.

If you have feedback, comments, or additional information about this vulnerability, please send us email.