PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
BID:13048
Info
PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13048 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-1093 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | [email protected] is credited with the discovery of this issue. |
| Vulnerable: |
PopUp Plus Plugin For Miranda Instant Messenger 2.0.3.8 |
| Not Vulnerable: | |
Discussion
PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
A remote buffer overflow vulnerability affects PopUp Plus for Miranda Instant Messenger. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
A remote buffer overflow vulnerability affects PopUp Plus for Miranda Instant Messenger. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Exploit / POC
PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
Solution:
The vendor has released the following fix:
PopUp Plus Plugin For Miranda Instant Messenger 2.0.3.8
Solution:
The vendor has released the following fix:
PopUp Plus Plugin For Miranda Instant Messenger 2.0.3.8
-
PopUp Plus popupplus.zip
http://files.miranda-im.org/testing/popupplus.zip
References
PopUp Plus For Miranda Instant Messenger Remote Buffer Overflow Vulnerability
References:
References:
- Miranda Instant Messenger Home Page (Miranda Instant Messenger)
- PopUp Plus Home Page (PopUp Plus)
- Popup+: remotely exploitable buffer overflow (PopUp Plus)