A buffer overflow vulnerability in ICQ may allow a remote attacker to execute arbitrary code or create a denial-of-service condition.
ICQ is a instant messaging application that is maintained by AOL.
A buffer overflow vulnerability in ICQ Pro 2003b may allow a remote, unauthenticated attacker to execute arbitrary code or create a denial-of-service condition. By sending a specially crafted message to a vulnerable ICQ client, an attacker can trigger the overflow.
A remote, unauthenticated attacker can execute arbitrary code with the privileges of the user who is running ICQ or create a denial-of-service condition.
Thanks to CoreLabs for reporting this issue.
This document was written by Ryan Giobbi.
|Date First Published:||2006-09-11|
|Date Last Updated:||2006-09-11 19:44 UTC|