| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-0237 | 7.5 |
The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
|
11-07-2017 - 01:29 | 27-05-2003 - 04:00 | |
| CVE-2003-0238 | 5.0 |
The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag.
|
11-07-2017 - 01:29 | 27-05-2003 - 04:00 | |
| CVE-2003-0236 | 7.5 |
Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.
|
11-07-2017 - 01:29 | 27-05-2003 - 04:00 | |
| CVE-2003-0235 | 7.5 |
Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.
|
11-07-2017 - 01:29 | 27-05-2003 - 04:00 | |
| CVE-2003-0239 | 5.0 |
icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descrip
|
11-07-2017 - 01:29 | 27-05-2003 - 04:00 |