0 Results Found
            Back To Results
              Threat Analysis

              Miranda IM Multiple Buffer Overflow Vulnerabilities

              • Date: October 23, 2007
              • Author: David Wharton

              Summary

              Multiple buffer overflow vulnerabilities exist in Miranda IM, a popular open source instant messaging client.

              Scope:

              These vulnerabilities have been verified in the following Miranda IM version(s):

              • 0.6.8
              • 0.7.0

              Note: one vulnerability in version 0.6.8 was fixed in version 0.7.0.

              Description:

              Miranda IM is a popular open source instant messaging client that supports a wide range of protocols. Multiple buffer overflow vulnerabilities have been found in Miranda IM, including a remotely triggered stack based overflow in the section that implements the Yahoo! Messenger protocol. A maliciously crafted Yahoo! Messenger packet could overflow a buffer on the stack and lead to arbitrary code execution.

              Recommendations:

              Upgrade to version 0.7.1 or later of the Miranda IM client. Also, remote exploitation of the vulnerabilities can be prevented by blocking Yahoo! Messenger traffic on your network.

              Credits:

              David Wharton is a security researcher with SecureWorks' Research Team and is working on his M.S. in Information Security degree from Georgia Tech.

              About SecureWorks:

              With over 2,000 clients, SecureWorks is one of the leading managed security services providers in the market. The research and advisory firm, Gartner, Inc., recently positioned SecureWorks in the Leaders quadrant in its Managed Security Services Provider (MSSP) Magic Quadrant for the first half of 2007 and Forrester Research cited SecureWorks as the "MSSP with the largest market share of customers in North America" in their recent Wave report. SecureWorks provides effective security services by leveraging our integrated security management platform, advanced security research, and 100 percent GIAC certified experts. By providing a full breadth of security services, SecureWorks offers fully-managed, co-managed, monitored or self-service security solutions to meet the needs of Fortune 100 companies with large security teams as well as smaller companies with no security expertise. In addition, SecureWorks has helped companies pass over 2,400 compliance audits by providing comprehensive and straight-forward board and examination reports. SecureWorks won SC Magazine's 2007 and 2006 MSSP of the Year award and the 2006 Best Intrusion Prevention award, Frost & Sullivan's 2006 Entrepreneurial Company of the Year award and was named to the Deloitte & Touche, Inc. 500 and Inc. 5000 lists of fastest growing companies for the past three years. Recently, SecureWorks made #92 on Entrepreneur Magazine's list of the Hot 500 fastest growing businesses in the US.

              References:

              Miranda IM
              http://www.miranda-im.org/

              Miranda IM v0.7.1 announcement
              http://www.miranda-im.org/2007/10/18/miranda-im-v071-released/

              Official Yahoo! Messenger Site
              http://messenger.yahoo.com/

              CVE-2007-5542 (affects version 0.6.8 only)
              CVE-2007-5543 (affects versions 0.6.8 and 0.7.0)

              CVSS Scoring (version 2.0):

              Note: this is calculated for the remotely exploitable vulnerabilities only.

              • CVSS Base Score: 8.0
              • Overall CVSS Score: 8.0

              Related Content