JG
01-25-2002, 09:50 PM
http://www.cert.org/advisories/CA-2002-02.html
There is a remotely exploitable buffer overflow in ICQ. Attackers that are able to exploit the vulnerability may be able to execute arbitrary code with the privileges of the victim user. Full details are discussed in VU#570167. An exploit is known to exist, but we do not believe it has been distributed in the wild. We have not seen active scanning for this vulnerability, nor have we received any reports of this vulnerability being exploited.
Here's a link to the newest build...
http://download.cnet.com/downloads/0-10060-108-19877.html?bt.17670.10013..dl-19877
There is a remotely exploitable buffer overflow in ICQ. Attackers that are able to exploit the vulnerability may be able to execute arbitrary code with the privileges of the victim user. Full details are discussed in VU#570167. An exploit is known to exist, but we do not believe it has been distributed in the wild. We have not seen active scanning for this vulnerability, nor have we received any reports of this vulnerability being exploited.
Here's a link to the newest build...
http://download.cnet.com/downloads/0-10060-108-19877.html?bt.17670.10013..dl-19877