CVE-2006-5650

Published: Nov 7, 2006Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar.

Affected (1)

Products: Aol: Icq

Aol

1 product

Icq

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Aol Icq	Version 5.1

References (16)

http://secunia.com/advisories/22670

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1830

Source: cve@mitre.org

http://securitytracker.com/id?1017163

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/450726/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20930

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4362

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-06-037.html

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/30059

Source: cve@mitre.org

http://secunia.com/advisories/22670