CVE-2003-0365

Name of the Vulnerable Software and Affected Versions: ICQLite version 2003a

Description: The issue allows local users to gain privileges as other users by replacing executables with malicious programs, due to the ICQ Lite directory being created with an Access Control Entry (ACE) for "Full Control" privileges for Interactive Users.

Recommendations: For ICQLite version 2003a, consider restricting access to the ICQ Lite directory to prevent local users from replacing executables with malicious programs. As a temporary workaround, monitor the directory for any suspicious activity and restrict the execution of any replaced executables until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.