CVE-2009-1915

Name of the Vulnerable Software and Affected Versions: ICQ version 6.5

Description: The issue is related to a stack-based buffer overflow in the URL Search Hook, specifically in the ICQToolBar.dll component. This can be triggered by a remote attacker using an Internet shortcut .URL file that contains a long URL parameter. When a user browses a folder containing this file, it can cause a persistent crash and potentially allow the execution of arbitrary code.

Recommendations: For ICQ version 6.5, consider avoiding the use of the URL Search Hook feature until a fix is available, or refrain from browsing folders that may contain malicious .URL files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.