Peter Ferrie, Frédéric Perriot, Péter Ször
Virus Bulletin, May 2004, pp. 9-10
ISSN 0956-9979
May 2004
W32/Witty is a UDP-based worm employing a vulnerability in ISS security products, such as the BlackICE firewall, to spread. More specifically, Witty uses a stack buffer overflow in the code that parses ICQ v5 packets.