| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050406184502.12ADC3414D@sa6.bezeqint.net> Date: Wed Apr 6 19:54:10 2005 From: editor at sec.org.il (פורטל אבטחת המיד) Subject: PopUp Plus plugin for Miranda Instant Messenger Buffer Overflow Title: PopUp Plus plugin for Miranda Instant Messenger Buffer Overflow Risk: High Date: 06-04-2005 Publisher: m0fo (editor at sec.org.il) Vendor: zazoo (zazoo at ua.fm) URL: <http://miranda-im.org/download/details.php?action=viewfile&id=1170> http://miranda-im.org/download/details.php?action=viewfile&id=1170. Miranda Instant Messenger is application that provides several messenger services like ICQ, MSN, IRC etc. One of Mirandas' widely used plugins (PopUp Plus), is vulnerable to a buffer overflow condition. While the option "Use SmileyAdd Setting" is enabled on the application menu (Popups > Plus), a remote attacker could trigger the buffer overflow by sending roughly 530 characters as an instant message. EIP gets overwritten at 523 chars exactly. The affected version of the plugin is 2.0.3.8, prior versions may also be vulnerable. I tried to get a vendor response (zazoo), however the mail bounced. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050406/af314269/attachment.html
Powered by blists - more mailing lists