CVE-2006-0765

Name of the Vulnerable Software and Affected Versions ICQ versions 2003a, 2003b, Lite 4.0, Lite 4.1

Description The issue allows remote attackers to hide malicious file extensions by creating filenames that are all uppercase and of a specific length, which truncates the malicious extension from the display. This could trick a user into executing arbitrary programs, bypassing Windows security warnings.

Recommendations For versions 2003a, 2003b, Lite 4.0, Lite 4.1, consider avoiding the use of filenames that could be manipulated to hide malicious extensions until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.