1. CVE-Search
  2. CVE-2003-0237
ID CVE-2003-0237
Summary The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
References
Vulnerable Configurations
  • cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*
  • cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*
    cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 7464
bugtraq 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client
misc http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10
vulnwatch 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client
xf icq-features-no-auth(11944)
Last major update 11-07-2017 - 01:29
Published 27-05-2003 - 04:00
Last modified 11-07-2017 - 01:29
Back to Top