Multiple Vulnerabilities in Mirabilis ICQ Client !

Published by

Mirabilis ICQ client is a popular program that enables users to communicate through instant messaging, chat, sending emails, SMS and wireless-pager messages, as well as transfering files and URLs.

Six security vulnerabilities were found that could lead to various forms of exploitation ranging from denying users the ability to use ICQ services to execution of arbitrary commands on vulnerable systems.
Following client is been affected: Mirabilis ICQ Pro 2003a and previous versions.
The following vulnerabilities were found: Read More [BID 7461, CAN-2003-0235, VU#936164] POP3 Client Format String in UIDL Field: ICQ provides an integrated POP3 client vulnerable to a format string attack in the UIDL command server response string (the unique-id of a message). This vulnerability can be successfully exploited by an attacker able to impersonate the POP3 server.

[BID 7462, CAN-2003-0236, VU#792988] "Subject" signed overflow in POP3 Client: ICQ provides an integrated POP3 client vulnerable to a 16bit sign overflow in the "Subject" field of e-mail headers. An attacker may be able to execute arbitrary commands by sending a malformed e-mail header to a vulnerable client.

[BID 7463, CAN-2003-0236, VU#829860] "Date" signed overflow in POP3 Client: ICQ provides an integrated POP3 client vulnerable to a 16bit sign overflow in the "Date" field of e-mail headers. An attacker may be able to execute arbitrary commands by sending a malformed e-mail header to a vulnerable client.

[BID 7465, CAN-2003-0238, VU#967316] Message advertisements denial of service attack: ICQ displays advertisements inside a message window (called 'Message Session') by using a proprietary HTML parsing/rendering library vulnerable to malformed tags input. By impersonating the static ADS server, an attacker may send malformed HTML code to the ADS rendering window freezing the ICQ interface and using 100% CPU.

[BID 7466, CAN-2003-0239, VU#680788] Input validation error in ICQ's GIF parsing/rendering library: ICQ implements its own image parsing/rendering library (found in 'icqateimg32.dll') vulnerable to an input validation error, causing a denial of service. The problem is triggered while parsing GIF89a headers.

Mirabilis is allready informed but a fix/ fixed version has not been released yet.

Get more informations over @ CoreSecurity