{"vuid":"VU#400780","idnumber":"400780","name":"AOL ICQ Pro fails to properly handle incoming message lengths","keywords":["AOL","ICQ Pro 2003b","heap overflow","DoS","denial of service","message lengths","MCRegEx_Search()"],"overview":"A buffer overflow vulnerability in  ICQ may allow a remote attacker to execute arbitrary code or create a denial-of-service condition.","clean_desc":"ICQ is a instant messaging application that is maintained by AOL. A buffer overflow vulnerability in ICQ Pro 2003b may allow a remote, unauthenticated attacker to execute arbitrary code or create a denial-of-service condition. By sending a specially crafted message to a vulnerable ICQ client, an attacker can trigger the overflow. This vulnerability may also be exploited by convincing a user to connect to a malicious server.","impact":"A remote, unauthenticated attacker can execute arbitrary code with the privileges of the user who is running ICQ or create a denial-of-service condition.","resolution":"Upgrade\nAOL has addressed this issue in version 5.1 of the ICQ client.","workarounds":"Limit privileges Running the ICQ client with reduced privileges may help mitigate the effects of this vulnerability. Users with administrator access can run ICQ with reduced privileges by following the instructions in Microsoft knowledgebase article 294676.","sysaffected":"","thanks":"Thanks to \nCoreLabs\n for reporting this issue.","author":"This document was written by Ryan Giobbi.","public":["http://isc.sans.org/diary.php?n&storyid=1680","http://secunia.com/advisories/21834/","http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1510"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-09-08T13:47:53Z","publicdate":"2006-09-07T00:00:00Z","datefirstpublished":"2006-09-11T19:31:36Z","dateupdated":"2006-09-11T19:44:27Z","revision":46,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"1","cam_population":"15","cam_impact":"11","cam_easeofexploitation":"10","cam_attackeraccessrequired":"19","cam_scorecurrent":"9.405","cam_scorecurrentwidelyknown":"12.3440625","cam_scorecurrentwidelyknownexploited":"24.1003125","ipprotocol":"tcp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.405,"vulnote":null}