CVE-2003-0236 | Vulnerability Database | Aqua Security

Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.

Affected Software

Name	Vendor	Start Version	End Version
Icq	Mirabilis	99a_2.15build1701 (including)	99a_2.15build1701 (including)
Icq	Mirabilis	99a_2.21build1800 (including)	99a_2.21build1800 (including)
Icq	Mirabilis	2000.0a (including)	2000.0a (including)
Icq	Mirabilis	2000.0b_build3278 (including)	2000.0b_build3278 (including)
Icq	Mirabilis	2001a (including)	2001a (including)
Icq	Mirabilis	2001b_build3636 (including)	2001b_build3636 (including)
Icq	Mirabilis	2001b_build3638 (including)	2001b_build3638 (including)
Icq	Mirabilis	2001b_build3659 (including)	2001b_build3659 (including)
Icq	Mirabilis	2002a_build3722 (including)	2002a_build3722 (including)
Icq	Mirabilis	2002a_build3727 (including)	2002a_build3727 (including)
Icq	Mirabilis	2003a_build3777 (including)	2003a_build3777 (including)
Icq	Mirabilis	2003a_build3799 (including)	2003a_build3799 (including)
Icq	Mirabilis	2003a_build3800 (including)	2003a_build3800 (including)

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html
http://marc.info/?l=bugtraq\u0026m=105216842131995\u0026w=2
http://www.coresecurity.com/common/showdoc.php?idx=315\u0026idxseccion=10
http://www.securityfocus.com/bid/7462
http://www.securityfocus.com/bid/7463
https://exchange.xforce.ibmcloud.com/vulnerabilities/11939

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0236
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html