licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 7.0 |
| mandrakesoft | mandrake_linux | 7.1 |
| conectiva | linux | 5.0 |
| freebsd | freebsd | 4.2 |
| conectiva | linux | 4.1 |
| mandrakesoft | mandrake_linux | 7.2 |
| freebsd | freebsd | 3.5.1 |
| conectiva | linux | 4.0es |
| mandrakesoft | mandrake_linux_corporate_server | 1.0.1 |
| conectiva | linux | 4.2 |
| conectiva | linux | 4.0 |
| licq | licq | * |
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mandrakesoft | mandrake_linux | 7.1 |
| conectiva | linux | 5.0 |
| conectiva | linux | ecommerce |
| conectiva | linux | 4.1 |
| mandrakesoft | mandrake_linux | 7.2 |
| conectiva | linux | 6.0 |
| conectiva | linux | 4.0es |
| conectiva | linux | 5.1 |
| conectiva | linux | 4.2 |
| conectiva | linux | 4.0 |
| licq | licq | * |
| conectiva | linux | prg_graficos |
Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| licq | licq | 1.0.2 |
| licq | licq | 1.0 |
| licq | licq | 1.0.3 |
| licq | licq | 1.0.4 |
| licq | licq | 1.0.1 |
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| licq | licq | 1.2.6 |
| licq | licq | 1.0.3 |