America Online ICQ ActiveX Control Remote Code Execution Vulnerability

info
discussion
exploit
solution
references

America Online ICQ ActiveX Control Remote Code Execution Vulnerability

The America Online ICQ ActiveX Control is prone to a remote code-execution vulnerability.

An attacker could exploit this issue simply by sending a message to a victim ICQ user.

Exploiting this issue could allow an attacker to execute arbitrary code.

The ICQPhone.SipxPhoneManager ActiveX control with a CLSID of 54BDE6EC-F42F-4500-AC46-905177444300 is affected.