Описание
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
Ссылки
- PatchVendor Advisory
- US Government Resource
- Patch
- PatchVendor Advisory
- US Government Resource
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mirabilis:icq:0.99b_1.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:0.99b_v.3.19:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:98.0a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003b:*:*:*:*:*:*:*
cpe:2.3:a:mirabilis:icq:2003b_build3096:*:pro:*:*:*:*:*
EPSS
Процентиль: 95%
0.19204
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
EPSS
Процентиль: 95%
0.19204
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other