Filtered by vendor Mirabilis
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2303 | 1 Mirabilis | 1 Icq | 2024-08-07 | N/A |
| Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object. | ||||
| CVE-2006-0765 | 1 Mirabilis | 2 Icq, Icq Lite | 2024-08-07 | N/A |
| GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs. | ||||
| CVE-2006-0766 | 1 Mirabilis | 2 Icq, Icq Lite | 2024-08-07 | N/A |
| ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs. | ||||
| CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2024-08-01 | N/A |
| Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | ||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2024-08-01 | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | ||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2024-08-01 | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | ||||
| CVE-1999-0474 | 1 Mirabilis | 1 Icq | 2024-08-01 | N/A |
| The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. | ||||