← Back

CVE-2003-0237

nvd nist
Published: May 27, 2003Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.

Affected (13)

Products: Mirabilis: Icq
Mirabilis
1 product
Icq
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Mirabilis
Icq
Version 2000.0a
Icq
Version 2000.0b_build3278
Icq
Version 2001a
Icq
Version 2001b_build3636
Icq
Version 2001b_build3638
Icq
Version 2001b_build3659
Icq
Version 2002a_build3722
Icq
Version 2002a_build3727
Icq
Version 2003a_build3777
Icq
Version 2003a_build3799
Icq
Version 2003a_build3800
Icq
Version 99a_2.15build1701
Icq
Version 99a_2.21build1800

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.