Lucene search

[email protected]CVE-1999-1289

HistoryNov 11, 1998 - 5:00 a.m.

CVE-1999-1289

1998-11-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

icq 98 beta

windows nt

ip leak

cve-1999-1289

sensitive data

internal network

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON

ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.

CPENameOperatorVersion
mirabilis:icqmirabilis icqeq98_beta

CPE	Name	Operator	Version
mirabilis:icq	mirabilis icq	eq	98_beta

References

www.securityfocus.com/archive/1/11233

exchange.xforce.ibmcloud.com/vulnerabilities/1398

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON