Local Heap OverFlow Vulnerability in "Answering Service" of Icq

2006.11.07

Credit: LegendaryZion

Risk: Low

Local: Yes

Remote: No

CVE: CVE-2006-5724

CWE: N/A

CVSS Base Score: 2.1/10

Impact Subscore: 2.9/10

Exploitability Subscore: 3.9/10

Exploit range: Local

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

&#183;= Security Advisory =&#183;
Issue: Local Heap OverFlow Vulnerability
in "Answering Service" of Icq.
Discovered Date: 09/08/2006
Author: Tal Argoni, LegendaryZion. [talargoni at gmail.com]
Product Vendor: http://www.Icq.com
Details:
Icq 2003 client is prone to a Local Heap OverFlow Vulnerability.
The vulnerability exists in "Answering Service" function,
because lack of boundary testing.
Usage:
Open the key: HKLMSoftwareMirabilisICQICQProDefaultPrefsPresets
Edit the value: AwayMsg Presets [#]
Add 501 bytes string value.
Open icq.
Change the away to the one you have audit above and the icq client crash.
Tested on Icq 2003b 3916
Thanks,
Tal Argoni, CEH
www.zion-security.com

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Local Heap OverFlow Vulnerability in "Answering Service" of Icq

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.