CVE-2006-4662

Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.

Published: Sep 9, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-4662
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mirabilis / icq	2001b_build3636	2001b_build3636.x
mirabilis / icq	2003b	2003b.x
mirabilis / icq	2003a_build3777	2003a_build3777.x
mirabilis / icq	2003a	2003a.x
mirabilis / icq	2003b_build3096	2003b_build3096.x
mirabilis / icq	99a_2.21build1800	99a_2.21build1800.x
mirabilis / icq	2002a_build3722	2002a_build3722.x
mirabilis / icq	0.99b_v.3.19	0.99b_v.3.19.x
mirabilis / icq	99a_2.15build1701	99a_2.15build1701.x
mirabilis / icq	2001a	2001a.x
mirabilis / icq	2002a_build3727	2002a_build3727.x
mirabilis / icq	2003a_build3799	2003a_build3799.x
mirabilis / icq	98.0a	98.0a.x
mirabilis / icq	2001b_build3638	2001b_build3638.x
mirabilis / icq	0.99b_1.1.1.1	0.99b_1.1.1.1.x
mirabilis / icq	2000.0a	2000.0a.x
mirabilis / icq	2001b_build3659	2001b_build3659.x
mirabilis / icq	2000.0b_build3278	2000.0b_build3278.x
mirabilis / icq	2003a_build3800	2003a_build3800.x

Vulnerability Database

290,206

CVE-2006-4662