icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ICQ 6 HTML Code Generation Remote Format String

High

Synopsis

The remote host is vulnerable to a remote format string flaw.

Description

The remote host is an ICQ client. ICQ is a messaging software that is used for chat, file exchange and more. This version is reported to be vulnerable to a remote format string overflow. An attacker exploiting this flaw would need to be able to convince a user to open a specially formatted message. Successful exploitation would result in the attacker executing arbitrary code on the target machine.

Solution

Upgrade to version 6 build 6043 or higher.