The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote malicious users to install arbitrary software via a spoofing attack.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mirabilis icq 2001a |
||
mirabilis icq 2001b_build3636 |
||
mirabilis icq 2003a_build3800 |
||
mirabilis icq 99a_2.15build1701 |
||
mirabilis icq 2000.0a |
||
mirabilis icq 2000.0b_build3278 |
||
mirabilis icq 2003a_build3777 |
||
mirabilis icq 2003a_build3799 |
||
mirabilis icq 2001b_build3638 |
||
mirabilis icq 2001b_build3659 |
||
mirabilis icq 99a_2.21build1800 |
||
mirabilis icq 2002a_build3722 |
||
mirabilis icq 2002a_build3727 |
Vulmon