Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote malicious users to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
miranda-im miranda im 0.7.1 |