Re: icq vuln

[ah1 () SECURITYFOCUS COM (Al Huger - Mail Account)]

On Sun, 16 Jan 2000, Rietveld, Marco wrote:

> |2000-01-14-13:20:27 nascheme:
> |> ICQ is a disaster waiting to happen.  There is strcat and strcpy
> |> all over the place last time I looked at it.  I didn't have time
> |> to develop and exploit though.
>
> there was a recent post in bugtraq about how there's a buffer-overflow
> vulnerability when messaging URL's.. it's explained at
> http://www.securityfocus.com/vdb/.. the vulnerabilities database..
>
> marcolof

In particular:

http://www.securityfocus.com/bid/929