CVE-2003-0239

icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html
http://marc.info/?l=bugtraq&m=105216842131995&w=2
http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10	Vendor Advisory
http://www.securityfocus.com/bid/7466	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11948

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mirabilis:icq:99a_2.15build1701:::::::*
	cpe:2.3:a:mirabilis:icq:99a_2.21build1800:::::::*
	cpe:2.3:a:mirabilis:icq:2000.0a:::::::*
	cpe:2.3:a:mirabilis:icq:2000.0b_build3278:::::::*
	cpe:2.3:a:mirabilis:icq:2001a:::::::*
	cpe:2.3:a:mirabilis:icq:2001b_build3636:::::::*
	cpe:2.3:a:mirabilis:icq:2001b_build3638:::::::*
	cpe:2.3:a:mirabilis:icq:2001b_build3659:::::::*
	cpe:2.3:a:mirabilis:icq:2002a_build3722:::::::*
	cpe:2.3:a:mirabilis:icq:2002a_build3727:::::::*
	cpe:2.3:a:mirabilis:icq:2003a_build3777:::::::*
	cpe:2.3:a:mirabilis:icq:2003a_build3799:::::::*
	cpe:2.3:a:mirabilis:icq:2003a_build3800:::::::*

History

No history.

Information

Published : 2003-05-27 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2003-0239

Mitre link : CVE-2003-0239

CVE.ORG link : CVE-2003-0239

JSON object : View

Products Affected

mirabilis

icq

CWE

NVD-CWE-Other

{"id": "CVE-2003-0239", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-05-27T04:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0051.html", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=105216842131995&w=2", "source": "cve@mitre.org"}, {"url": "http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/7466", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11948", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor."}, {"lang": "es", "value": "La librer\u00eda de parseo icqateimg32.dll en Mirabilis ICQ Pro 2003a permite que atacantes remotos provoquen una denegaci\u00f3n de servicio mediante encabezamientos GIF89z mal formados que no contienen una GCT (Tabla de Color Global) o una LCT (Tabla de Color Local) despues un descriptor de imagen."}], "lastModified": "2017-07-11T01:29:29.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mirabilis:icq:99a_2.15build1701:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9CB6B89-E3B1-4096-AF07-C9E74BFCABDC"}, {"criteria": "cpe:2.3:a:mirabilis:icq:99a_2.21build1800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7181BF12-E9B6-4F8E-B1D0-3251007389D8"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2000.0a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C7B95B0-8CCB-4561-B354-80925B9769D6"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2000.0b_build3278:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C1E49E4-1BB4-40BF-AB6F-829ACAEDC581"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2001a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BEA5FE1-267D-41B3-AA41-794DA021C4A1"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3636:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B10F3133-2D77-4A16-9F16-766EB4B3C5DA"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3638:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E03F3686-071C-48E4-ABDD-BF68162CDC20"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2001b_build3659:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC70672D-FE67-42C2-83D2-D1E554BF2C8B"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2002a_build3722:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28ABA292-10F6-447A-9494-CA716B9F47FD"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2002a_build3727:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0228FD42-8E98-472C-9C8A-D8396DF4E30E"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3777:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1884958-DBAB-4999-9EBF-96D363FF26D5"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3799:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74A65FB3-ECB5-45EF-9B53-9F55E55B2DA0"}, {"criteria": "cpe:2.3:a:mirabilis:icq:2003a_build3800:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F0A9C10-A685-4D02-A9FF-6689441AF598"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}