彙總 icq 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位與輸入驗證問題,在 軟體部署與生產負載 使用場景中可能帶來 應用程式崩潰、記憶體損壞與異常行為 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2011-0487 | ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism. | [email protected] | 9.3 | 2.55% | 2011-01-18 | 2026-06-16 |
| CVE-2008-7136 | toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the (1) RequestURL, (2) GetPropertyById, or (3) SetPropertyById method, different vectors than CVE-2008-7135. | [email protected] | 4.3 | 4.24% | 2009-09-01 | 2026-06-16 |
| CVE-2008-7135 | toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136. | [email protected] | 4.3 | 2.15% | 2009-09-01 | 2026-06-16 |
| CVE-2009-1915 | Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file. | [email protected] | 4.3 | 4.95% | 2009-06-04 | 2026-06-16 |
| CVE-2008-1920 | Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in ICQ 6.0 build 6043 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted personal status message. | [email protected] | 7.5 | 5.80% | 2008-04-23 | 2026-06-16 |
| CVE-2008-1120 | Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 6043 allows remote servers to execute arbitrary code or cause a denial of service (crash) via unspecified vectors related to HTML code generation. | [email protected] | 9.3 | 2.68% | 2008-03-03 | 2026-06-16 |
| CVE-2000-0552 | ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. | [email protected] | 5.5 | 1.12% | 2000-06-06 | 2026-06-16 |
| CVE-1999-1342 | ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port. | [email protected] | 5.0 | 1.28% | 1999-10-17 | 2026-06-16 |