ICQ 6 Personal Status Processing Vulnerability

April 22nd, 2008

ICQ 6 Personal Status Processing Vulnerability

A new vulnerability in ICQ can be exploited by malicious people to compromise another user’s system. The vulnerability is caused due to a boundary error when processing “Personal Statuses” set via the “Personal Status Manager” menu. This can be exploited to cause a heap-based buffer overflow by creating a specially crafted personal status and e.g. sending a message to another user.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 6 build 6043. Other versions may also be affected.

The vendor has reportedly issued a fix via automatic updates.

Email, Bookmark or Share:

More on CyberInsecure:

Critical PDF Processing Vulnerability In BlackBerry Enterprise Server

Ukrainian Scammers Will Hack Any Facebook, Myspace, ICQ Account For Just 100USD

Cyber Criminals Extract Personal Details From CVs Posted Onto Job Sites

Cross-Site Scripting Vulnerability On Paypal Could Be Used In Phishing Attacks

Facebook Urges Public Exposure In ‘Privacy’ Revision

Posted in Software, Vulnerabilities |

Print This Post

This entry was posted on Tuesday, April 22nd, 2008 at 5:26 am and is filed under Software, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

If you found this information useful, consider linking to it from your own website.
Just copy and paste the code below into your website (Ctrl+C to copy)
It will look like this: ICQ 6 Personal Status Processing Vulnerability

Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

Latest News Updates

New Google Chrome version 4.1.249.1036 released, fixes multiple security vulnerabilities.

Adobe published an out-of-sequence update for its Reader and Acrobat software packages that tackles a brace of serious flaws. Adobe advises users to upgrade to Acrobat version 9.3.1 and Reader version 9.3.1

Adobe has released a security update for its Flash Player and AIR products. The patch addresses a critical unauthorized cross-domain interaction vulnerability, as well as a Denial of Service issue. Users are advised to upgrade to Flash Player 10.0.45.2 and AIR 1.5.3.1930.

Latest Virus Descriptions

Backdoor.Win32.Clampi.a 25 Sep 2009 14:51:00 +030
This Trojan spy program is designed to steal confidential user data and remotely manage the victim machine. It is a Windows PE EXE file. It is 470 bytes in size. Installation When launched, the Trojan creates the following file: %AppData%\<name>.exe <name&gr; is chosen at random from…
Trojan-Dropper.Win32.Agent.albv 15 Apr 2009 12:17:00 +030
This Trojan has a malicious payload. It is a Windows PE EXE file. It is 23552 bytes in size. Installation The Trojan copies its executable file as follows: %WinDir%\system\svhost.exe In order to ensure that the Trojan is launched automatically when the system is rebooted, the Trojan adds a link…
Backdoor.Win32.Agent.abgg 15 Apr 2009 12:15:00 +030
This Trojan provides a remote malicious user with access to the victim machine. It is a Windows PE EXE file. It is 22528 bytes in size. Installation Once launched, the Trojan copies its body to the Windows system directory as “digeste.dll”: %System%\digeste.dll In order to ensure that the Trojan…
Trojan-Dropper.Win32.Kido.a 15 Apr 2009 12:09:00 +030
This Trojan is designed to install and launch other programs on the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file. It is 78848 bytes in size. It is written in C++.
Trojan-Downloader.Win32.Kido.a 18 Mar 2009 16:36:00 +030
This malicious program is a Windows DLL file. Installation The malware copies its executable file with random names to the following directories: %Program Files%\Internet Explorer\<rnd>.dll %Program Files%\Windows Media Player\<rnd>.dll %Program Files%\WindowsNT\<rnd>.dll %Program…
Email-Worm.Win32.Merond.a 12 Mar 2009 19:36:00 +030
This worm spreads as an attachment to infected emails and also via file-sharing networks and removable media. The worm itself is a Windows PE EXE file. The worm’s executable file can vary between 150KB to 400KB in size. Installation The worm copies its executable file to the Windows system…
Trojan.Win32.Agent.azsy 12 Mar 2009 19:29:00 +030
This malicious program is a Trojan. It is a Windows PE EXE file. It is 417792 bytes in size. It is packed using UPX. The unpacked file is approximately 439KB in size. It is written in C++. Installation Once launched, the Trojan copies its body to the current user’s Windows startup…
Trojan.Win32.Agent2.dtb 12 Mar 2009 19:23:00 +030
This Trojan calls premium rate numbers without the knowledge or consent of the user. It is a Windows PE EXE file. It is 25131 bytes in size. It is written in Delphi.
Trojan-Downloader.Win32.Small.ydh 24 Feb 2009 11:45:00 +030
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user’s knowledge or consent. It is a Windows PE EXE file. It is 34816 bytes in size. It is not packed in any way. It is written in C++. Installation Once launched, the Trojan…
Trojan-Downloader.Win32.Agent.ahoe 24 Feb 2009 11:32:00 +030
This Trojan downloads another malicious program via the Internet and launches it on the victim machine without the user’s knowledge or consent. It is a Windows PE EXE file. It is 9216 bytes in size. It is packed using UPX. The unpacked file is approximately 38KB in size. It is written in…

CyberInsecure.com