---------------------------------------------------------------------- Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/ ---------------------------------------------------------------------- TITLE: ICQ File Transfer Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA24803 VERIFY ADVISORY: http://secunia.com/advisories/24803/ CRITICAL: Less critical IMPACT: System access WHERE: >From remote SOFTWARE: ICQ 5.x http://secunia.com/product/9856/ DESCRIPTION: A vulnerability has been reported in ICQ, which potentially can be exploited by malicious users to compromise another user's system. For more information: SA24747 NOTE: ICQ reportedly warns users on file transfers, requires that a user is on the contact list of the target, and does not overwrite existing files without a prompt. The vulnerability is reported in version 5.1. Other versions may also be affected. SOLUTION: ICQ clients are reportedly patched via automatic updates. PROVIDED AND/OR DISCOVERED BY: Discovered by an anonymous person and reported via iDefense Labs. ORIGINAL ADVISORY: iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=508 OTHER REFERENCES: SA24747: http://secunia.com/advisories/24747 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------