Miranda Multiple Buffer Overflow Vulnerabilities
BID:26115
Info
Miranda Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 26115 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-5542 CVE-2007-5543 CVE-2007-5590 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 10 2007 12:00AM |
| Updated: | Nov 15 2007 12:37AM |
| Credit: | David Wharton with the SecureWorks Research Team discovered these issues. |
| Vulnerable: |
Miranda Miranda IM 0.7 |
| Not Vulnerable: |
Miranda Miranda IM 0.7.1 |
Discussion
Miranda Multiple Buffer Overflow Vulnerabilities
Miranda is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.
These issues affect versions prior to Miranda 0.7.1.
Miranda is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.
These issues affect versions prior to Miranda 0.7.1.
Exploit / POC
Miranda Multiple Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Miranda Multiple Buffer Overflow Vulnerabilities
Solution:
The vendor has released updates to address these issues. Please see the references for more information.
Miranda Miranda IM 0.7
Solution:
The vendor has released updates to address these issues. Please see the references for more information.
Miranda Miranda IM 0.7
-
Miranda Miranda 0.7.1
http://sourceforge.net/project/showfiles.php?group_id=94142
References
Miranda Multiple Buffer Overflow Vulnerabilities
References:
References:
- [Full-disclosure] Miranda IM Multiple Buffer Overflow Vulnerabilities (Research
- Miranda IM Homepage (Miranda)
- Miranda IM v0.7.1 Released (Miranda)
- Miranda Release Notes (Miranda)