Filtered by vendor Mirabilis Subscriptions
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1305 1 Mirabilis 1 Icq 2025-04-03 N/A
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer.
CVE-2000-0564 1 Mirabilis 1 Icq 2025-04-03 N/A
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.
CVE-2002-1743 1 Mirabilis 1 Icq 2025-04-03 N/A
AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malformed .hpf file.
CVE-2006-0766 1 Mirabilis 2 Icq, Icq Lite 2025-04-03 N/A
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs.
CVE-2002-2075 1 Mirabilis 1 Icq 2025-04-03 N/A
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number.
CVE-2003-0236 1 Mirabilis 1 Icq 2025-04-03 N/A
Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.
CVE-2003-0237 1 Mirabilis 1 Icq 2025-04-03 N/A
The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.