CVE-2003-0239

Name of the Vulnerable Software and Affected Versions: Mirabilis ICQ Pro version 2003a

Description: The issue concerns a denial of service that can be triggered by remote attackers. This is achieved through the icqateimg32.dll parsing/rendering library when it encounters malformed GIF89a headers. Specifically, the library is vulnerable when the headers do not contain a Global Color Table (GCT) or a Local Color Table (LCT) after an Image Descriptor.

Recommendations: For Mirabilis ICQ Pro version 2003a, consider disabling the icqateimg32.dll library as a temporary workaround to prevent the denial of service until a patch is available. Restrict access to GIF89a files to minimize the risk of exploitation. Avoid using the vulnerable library for parsing or rendering images until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.