Icq
by Mirabilis
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0367 | 0.00 | — | 0.01 | Jun 27, 2001 | Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters. | |||
| CVE-2000-0564 | 0.00 | — | 0.01 | May 29, 2000 | The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||
| CVE-1999-0474 | 0.00 | — | 0.02 | Apr 5, 1999 | The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. | |||
| CVE-1999-1440 | 0.00 | — | 0.01 | Jan 1, 1999 | Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user… | |||
| CVE-1999-1289 | 0.00 | — | 0.01 | Nov 11, 1998 | ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network… |
- CVE-2001-0367Jun 27, 2001risk 0.00cvss —epss 0.01
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
- CVE-2000-0564May 29, 2000risk 0.00cvss —epss 0.01
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.
- CVE-1999-0474Apr 5, 1999risk 0.00cvss —epss 0.02
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
- CVE-1999-1440Jan 1, 1999risk 0.00cvss —epss 0.01
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user…
- CVE-1999-1289Nov 11, 1998risk 0.00cvss —epss 0.01
ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network…
Page 2 of 2