Lucene search

[email protected]CVE-2006-5724

HistoryNov 04, 2006 - 1:07 a.m.

CVE-2006-5724

2006-11-0401:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5724

icq

buffer overflow

denial of service

application crash

security vulnerability

7.4 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Heap-based buffer overflow the “Answering Service” function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the “AwayMsg Presets” value in the ICQ\ICQPro\DefaultPrefs\Presets registry key.

CPENameOperatorVersion
mirabilis:icqmirabilis icqeq2003b_build3916

CPE	Name	Operator	Version
mirabilis:icq	mirabilis icq	eq	2003b_build3916

References

lists.grok.org.uk/pipermail/full-disclosure/2006-October/050461.html

securityreason.com/securityalert/1818

exchange.xforce.ibmcloud.com/vulnerabilities/29933

7.4 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON