1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP ICQ 6 Status Message BO

HTTP ICQ 6 Status Message BO

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in ICQ which may result in remote code execution.

Additional Information

This vulnerability allows remote attackers to execute arbitrary code
on vulnerable installations in ICQ6. If the remote user has a malicious 'status message', ICQ's heap memory will be overflowed.

Affected

  • ICQ Inc. ICQ 5.1

Response

Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube