Sign in Get started

← All vendors

Vendor

Icq

Sign in to watch

Products

4

CVEs

8

Across products

8

Status

Private

Products

4

Icq
3 CVEs
Icq Toolbar
2 CVEs
Mirabilis Icq
2 CVEs
Activelist Server
1 CVE

Recent CVEs

8

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2000-0552	Med	0.39	5.5	0.01		Jun 6, 2000	ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.
CVE-2009-1915		0.05	—	0.27		Jun 4, 2009	Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.
CVE-2008-1920		0.04	—	0.16		Apr 23, 2008	Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in ICQ 6.0 build 6043 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted personal status message.
CVE-2008-7136		0.03	—	0.05		Sep 1, 2009	toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the (1) RequestURL, (2) GetPropertyById, or (3) SetPropertyById method, different vectors than CVE-2008-7135.
CVE-2008-7135		0.03	—	0.05		Sep 1, 2009	toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136.
CVE-2011-0487		0.00	—	0.01		Jan 18, 2011	ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism.
CVE-2008-1120		0.00	—	0.01		Mar 3, 2008	Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 6043 allows remote servers to execute arbitrary code or cause a denial of service (crash) via unspecified vectors related to HTML code generation.
CVE-1999-1342		0.00	—	0.01		Oct 17, 1999	ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port.