CVE-2008-1920

Name of the Vulnerable Software and Affected Versions ICQ version 6.0 build 6043

Description The issue is related to a heap-based buffer overflow in the boxelyRenderer module within the Personal Status Manager feature. This can be exploited by remote attackers through a crafted personal status message, potentially leading to a denial of service (crash) or the execution of arbitrary code.

Recommendations For ICQ version 6.0 build 6043, consider disabling the boxelyRenderer module in the Personal Status Manager feature as a temporary workaround until a patch is available. Restrict the handling of personal status messages to minimize the risk of exploitation.