PT-2006-6357 · America Online · Icq
Peter Vreugdenhil
·
Publicado
2006-11-07
·
Atualizado
2018-10-17
·
CVE-2006-5650
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
America Online ICQ version 5.1
Description:
The issue allows remote attackers to download and execute arbitrary code via the
DownloadAgent function. This can be achieved by using an ICQ avatar.Recommendations:
For America Online ICQ version 5.1, consider disabling the
DownloadAgent function as a temporary workaround until a patch is available. Restrict access to the ICQ avatar feature to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Icq