CVE-2007-5396 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5396
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5396

Description: Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who).

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/38362 SAID Secunia Advisory: SA27402 MISC http://secunia.com/secunia_research/2007-89/advisory/ CONFIRM http://miranda.svn.sourceforge.net/viewvc/miranda/trunk/miranda/protocols/Yahoo/yahoo.c?r1=6601&r2=6699&diff_format=l BID 26389

Return to the previous page.