'[Full-disclosure] Local Heap OverFlow Vulnerability in "Answering'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Local Heap OverFlow Vulnerability in "Answering
From:       "LegendaryZion" <moskito () smile ! net ! il>
Date:       2006-10-31 16:25:13
Message-ID: 000001c6fd1d$09c963f0$6502a8c0 () zionsecutiy
[Download RAW message or body]


·= Security Advisory =·

Issue: Local Heap OverFlow Vulnerability
in "Answering Service" of Icq.
Discovered Date: 09/08/2006
Author: Tal Argoni, LegendaryZion. [talargoni at gmail.com]
Product Vendor: http://www.Icq.com

Details:

Icq 2003 client is prone to a Local Heap OverFlow Vulnerability.
The vulnerability exists in "Answering Service" function,
because lack of boundary testing.

Usage:

Open the key: HKLM\Software\Mirabilis\ICQ\ICQPro\DefaultPrefs\Presets
Edit the value: AwayMsg Presets [#]
Add 501 bytes string value.
Open icq.
Change the away to the one you have audit above and the icq client crash.

Tested on Icq 2003b 3916


Thanks,
Tal Argoni, CEH
www.zion-security.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic