VULHUB ™

KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs. A maliciously-composed URL containing shell metacharacters and shell commands can be sent in an instant message by an attacker. When the KICQ user clicks this link, the hostile code contained in the URL will execute with the privilege level of the user running KICQ.

KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs. A maliciously-composed URL containing shell metacharacters and shell commands can be sent in an instant message by an attacker. When the KICQ user clicks this link, the hostile code contained in the URL will execute with the privilege level of the user running KICQ.