NuytsTech Security

CVE-2011-0487

by ·

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism.

Date published : 2011-01-18

http://www.securityfocus.com/bid/45805

http://www.securityfocus.com/archive/1/515724/100/0/threaded

Tags: