CVE-2007-5590

Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the (3) ICQ and (4) Yahoo! instant messaging functionality. NOTE: some of these details are obtained from third party information.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866
http://secunia.com/advisories/27287	Patch Vendor Advisory
http://www.securityfocus.com/bid/26115
http://osvdb.org/41804
http://osvdb.org/41807
http://osvdb.org/41806
http://osvdb.org/41805
http://www.vupen.com/english/advisories/2007/3539
https://exchange.xforce.ibmcloud.com/vulnerabilities/37291

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:miranda-im:miranda:*:*:*:*:*:*:*:*

Information

Published : 2007-10-19 16:17

Updated : 2017-07-28 18:33

NVD link : CVE-2007-5590

Mitre link : CVE-2007-5590

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

Products Affected

miranda-im

miranda

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866", "name": "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/27287", "name": "27287", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/26115", "name": "26115", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/41804", "name": "41804", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/41807", "name": "41807", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/41806", "name": "41806", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/41805", "name": "41805", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/3539", "name": "ADV-2007-3539", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37291", "name": "miranda-im-multiple-bo(37291)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the (3) ICQ and (4) Yahoo! instant messaging functionality. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-5590", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-10-19T23:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:miranda-im:miranda:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "0.7.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:33Z"}