CVE-2000-0552

MEDIUM

ICQ 2000A - Information Disclosure via World-Readable Temporary File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0552. PoCs published by Gert Fokkema.

AI-analyzed exploit summary The vulnerability involves ICQmailclient creating a temporary internet link in a default directory, which remains accessible after the user signs out. This link contains credentials in plaintext, allowing unauthorized access to the ICQmail web account.

Description

ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Gert Fokkema · textlocalwindows
https://www.exploit-db.com/exploits/19993

The vulnerability involves ICQmailclient creating a temporary internet link in a default directory, which remains accessible after the user signs out. This link contains credentials in plaintext, allowing unauthorized access to the ICQmail web account.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: ICQmailclient (version not specified)
No auth needed
Prerequisites: Access to the system where ICQmailclient is used · Knowledge of the default temporary directory location
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1307
Broken Link, Exploit, Patch, Vendor Advisory mailing-list x_refsource_ntbugtraq
http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0237.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/4607

Scores

CVSS v3 5.5
EPSS 0.0112
EPSS Percentile 61.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-459
Status published
Products (1)
icq/icq 2000a
Published Jun 06, 2000
Tracked Since Feb 18, 2026