CVE Vulnerabilities

CVE-2003-0237

Published: May 27, 2003 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The ICQ Features on Demand functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.

Affected Software

Name Vendor Start Version End Version
Icq Mirabilis 99a_2.15build1701 (including) 99a_2.15build1701 (including)
Icq Mirabilis 99a_2.21build1800 (including) 99a_2.21build1800 (including)
Icq Mirabilis 2000.0a (including) 2000.0a (including)
Icq Mirabilis 2000.0b_build3278 (including) 2000.0b_build3278 (including)
Icq Mirabilis 2001a (including) 2001a (including)
Icq Mirabilis 2001b_build3636 (including) 2001b_build3636 (including)
Icq Mirabilis 2001b_build3638 (including) 2001b_build3638 (including)
Icq Mirabilis 2001b_build3659 (including) 2001b_build3659 (including)
Icq Mirabilis 2002a_build3722 (including) 2002a_build3722 (including)
Icq Mirabilis 2002a_build3727 (including) 2002a_build3727 (including)
Icq Mirabilis 2003a_build3777 (including) 2003a_build3777 (including)
Icq Mirabilis 2003a_build3799 (including) 2003a_build3799 (including)
Icq Mirabilis 2003a_build3800 (including) 2003a_build3800 (including)

References