Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2006-0765

EPSS 1.16% · P63
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-0765

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mirabilis ICQ文件传输扩展名隐藏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ICQ Inc. (前身为Mirabilis)ICQ 2003a、2003b、Lite 4.0、Lite 4.1,还可能包括其他适用于Windows的版本中存在GUI显示截断漏洞。用户协助式远程攻击者可以借助全采用大写且具有特定长度的文件名(会从显示屏上截断恶意扩展名,并可能诱使用户执行任意程序)隐藏恶意文件扩展名,绕过Windows安全警告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-0765

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-0765

登录查看更多情报信息。

Vendor Advisories for CVE-2006-0765 (2)

Same Patch Batch · n/a · 2006-02-18 · 24 CVEs total

CVE-2006-0754Dotproject多个远程文件包含漏洞
CVE-2006-0766Mirabilis ICQ文件传输扩展名隐藏漏洞
CVE-2006-0764Cisco多个产品TACACS+访问认证绕过漏洞
CVE-2006-0763cPanel dowebmailforward.cgi 跨站脚本攻击漏洞
CVE-2006-0762WinAbility Folder Guard 'FGuard.FGP'未授权访问漏洞
CVE-2006-0761BlackBerry Enterprise Server畸形Word附件缓冲区溢出漏洞
CVE-2006-0760LightTPD 信息泄露漏洞
CVE-2006-0759HiveMail多个远程安全漏洞
CVE-2006-0758HiveMail多个远程安全漏洞
CVE-2006-0757HiveMail多个远程安全漏洞
CVE-2006-0756Dotproject多个远程文件包含漏洞
CVE-2006-0755Dotproject多个远程文件包含漏洞
CVE-2005-4724PhpTagCool post.php SQL注入漏洞
CVE-2006-0753Microsoft Internet Explorer 内存泄露漏洞
CVE-2006-0752Honeyd IP重组远程虚拟主机检测漏洞
CVE-2006-0751Network Object Oriented File System 多个未明漏洞
CVE-2006-0750IPB Army System Army.PHP SQL注入漏洞
CVE-2006-0771PunkBuster 格式化字符串漏洞
CVE-2006-0770MyBulletinBoard calendar.php跨站脚本攻击漏洞
CVE-2006-0769Sun Solaris in.rexecd守护程序本地权限提升漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

V. Comments for CVE-2006-0765

No comments yet


Leave a comment