28 matches found
EUVD-2007-5518
Malware in sbrugna...
EUVD-2005-1096
Malware in sbrugna...
EUVD-2007-5517
Malware in sbrugna...
EUVD-2007-5372
Malware in sbrugna...
CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
Miranda IM <= 0.8.16 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39209/info Miranda IM is prone to an information-disclosure vulnerability. Successful exploits of this issue may allow attackers to perform man-in-the-middle attacks against vulnerable applications and to disclose sensiti...
Miranda IM TLS encryption vulnerability
Under some conditions TLS is not used for Jabber server connection regradless of settings...
Miranda IM 0.8.16 - Information Disclosure
Miranda IM 0.8.16 - Information Disclosure source: https://www.securityfocus.com/bid/39209/info Miranda IM is prone to an information-disclosure vulnerability. Successful exploits of this issue may allow attackers to perform man-in-the-middle attacks against vulnerable applications and to disclos...
Miranda IM 0.8.16 - Information Disclosure
source: https://www.securityfocus.com/bid/39209/info Miranda IM is prone to an information-disclosure vulnerability. Successful exploits of this issue may allow attackers to perform man-in-the-middle attacks against vulnerable applications and to disclose sensitive information. !/usr/bin/perl...
Miranda IM TLS MitM Proof Of Concept
!/usr/bin/perl Miranda IM TLS MitM Proof of Concept by Jan Schejbal, 2010-03-19 MAY WORK WITHOUT MODIFICATIONS AGAINST OTHER CLIENTS WITH THIS ISSUE! Generally: Will work if client also accepts unencrypted connections if the server reports that TLS is not supported. Tested only on WinXP SP3 with...
Miranda IM silent TLS failure
Summary: Under certain conditions, Miranda ignores the "Use TLS" setting in Jabber accounts and uses an unencrypted connection. Affected: Miranda IM instant messenger, at least versions 0.8.16, 0.9.0 alpha build 6 Unicode and SVN rev. 11383 Description: If the following conditions are met: - "Use...
CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
CVE-2007-5542
The CVE-2007-5542 entry concerns Miranda IM. A stack-based buffer overflow in Miranda IM 0.6.8 (and related notes to 0.7.0) allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. The vulnerability’s impact is remote code execution with the potential for full comp...
CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...
CVE-2007-5543
CVE-2007-5543 describes a stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 triggered by a crafted Yahoo! Messenger packet, enabling remote code execution. The root cause is improper bounds checking in the packet handling path of the Yahoo Messenger-related code. Affected software: Mirand...
Unfixed XSS vulnerability at addons.miranda-im.org
Security researcher r@nger, has submitted on 04/05/2008 a cross-site-scripting XSS vulnerability affecting addons.miranda-im.org, which at the time of submission ranked 23196 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/05/2008. It is...
CVE-2007-5396
Format string vulnerability in the extyahoocontactadded function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle who...