ICQ 7 Automatic Update Mechanism Arbitrary Code Execution Vulnerability

ICQ 7 Automatic Update Mechanism Arbitrary Code Execution Vulnerability

CVE-2011-0487 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism.

Learn more about our Web Application Penetration Testing UK.