CVE-2003-0237

Published May 27, 2003

Last updated 7 years ago

Overview

Description: The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9CB6B89-E3B1-4096-AF07-C9E74BFCABDC"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7181BF12-E9B6-4F8E-B1D0-3251007389D8"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C7B95B0-8CCB-4561-B354-80925B9769D6"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C1E49E4-1BB4-40BF-AB6F-829ACAEDC581"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BEA5FE1-267D-41B3-AA41-794DA021C4A1"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B10F3133-2D77-4A16-9F16-766EB4B3C5DA"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E03F3686-071C-48E4-ABDD-BF68162CDC20"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC70672D-FE67-42C2-83D2-D1E554BF2C8B"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28ABA292-10F6-447A-9494-CA716B9F47FD"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0228FD42-8E98-472C-9C8A-D8396DF4E30E"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1884958-DBAB-4999-9EBF-96D363FF26D5"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74A65FB3-ECB5-45EF-9B53-9F55E55B2DA0"
          },
          {
            "criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F0A9C10-A685-4D02-A9FF-6689441AF598"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References