CVE-2011-0487

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism...

Code injection

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism...

CVE-2011-0487

The CVE-2011-0487 issue affects ICQ 7 where the update mechanism does not verify update authenticity, enabling a man-in-the-middle attacker to deliver a crafted file via the automatic-update channel and achieve arbitrary code execution. Public sources in the connected documents consistently descr...

Remote Code Execution in ICQ 7

SUMMARY The ICQ 7 instant messaging client allows remote code execution due to a flaw in its automatic update mechanism. VULNERABLE APPLICATIONS All versions of ICQ 7 for Windows, up to version 7.2, build 3525 which is the current version ICQ 6 and older versions were not tested. Other ICQ client...

ICQ 7 fails to verify the origin of software updates

Overview ICQ 7 does not verify the origin of automatic updates which may allow a remote attacker to execute arbitrary code. Description According to ICQ's website: "ICQ, the pioneer of Instant Messaging IM, now offers the optimal integration between Instant Messaging and Social Networks with the...