CenterICQ IJHook.CC远程缓冲区溢出漏洞

CenterICQ包含对LiveJournal的支持，如张贴日记，读取其他BLOG的RSS种子等其他功能。 CenterICQ存在缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于SOURCE/src/hooks/ljhook.cc文件中： char buf512; ... iffindfriendof.begin, friendof.end, in-first == friendof.end friendof.pushbackin-first; if!foempty bd = string "http://" +...

CVE-2007-0160

Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...