CVE-2006-5650

Опубликовано: 07 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Высокий

Описание

The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar.

Ссылки

http://secunia.com/advisories/22670
Vendor Advisory
http://securityreason.com/securityalert/1830
http://securitytracker.com/id?1017163
http://www.securityfocus.com/archive/1/450726/100/0/threaded
http://www.securityfocus.com/bid/20930
http://www.vupen.com/english/advisories/2006/4362
http://www.zerodayinitiative.com/advisories/ZDI-06-037.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30059
http://secunia.com/advisories/22670
Vendor Advisory
http://securityreason.com/securityalert/1830
http://securitytracker.com/id?1017163
http://www.securityfocus.com/archive/1/450726/100/0/threaded
http://www.securityfocus.com/bid/20930
http://www.vupen.com/english/advisories/2006/4362
http://www.zerodayinitiative.com/advisories/ZDI-06-037.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30059

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aol:icq:5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.82608

Высокий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wvxp-m3jj-9gmh

github

почти 4 года назад