<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.5pt;
font-family:Consolas;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:Consolas;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoPlainText>Miranda IM Multiple Buffer Overflow Vulnerabilities<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***Summary***<o:p></o:p></p>
<p class=MsoPlainText>Multiple buffer overflow vulnerabilities exist in Miranda
IM, a popular open source instant messaging client.<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***Scope***<o:p></o:p></p>
<p class=MsoPlainText>These vulnerabilities have been verified in the following
Miranda IM version(s):<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>0.6.8<o:p></o:p></p>
<p class=MsoPlainText>0.7.0<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>Note: one vulnerability in version 0.6.8 was fixed in
version 0.7.0.<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***Description***<o:p></o:p></p>
<p class=MsoPlainText>Miranda IM is a popular open source instant messaging
client that supports a wide range of protocols. Multiple buffer overflow
vulnerabilities have been found in Miranda IM, including a remotely triggered
stack based overflow in the section that implements the Yahoo! Messenger
protocol. A maliciously crafted Yahoo! Messenger packet could overflow a
buffer on the stack and lead to arbitrary code execution. <o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***Recommendations***<o:p></o:p></p>
<p class=MsoPlainText>Upgrade to version 0.7.1 or later of the Miranda IM
client. Also, remote exploitation of the vulnerabilities can be prevented by
blocking Yahoo! Messenger traffic on your network.<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***Credits***<o:p></o:p></p>
<p class=MsoPlainText>David Wharton is a security researcher with
SecureWorks’ Research Team and is working on his M.S. in Information
Security degree from Georgia Tech.<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***About SecureWorks***<o:p></o:p></p>
<p class=MsoPlainText>With over 1,800 clients, SecureWorks is one of the
leading managed security services providers in the market. The research and
advisory firm, Gartner, Inc., recently positioned SecureWorks in the Leaders
quadrant in its Managed Security Services Provider (MSSP) Magic Quadrant for
the first half of 2007 and Forrester Research cited SecureWorks as the
“MSSP with the largest market share of customers in North America”
in their recent Wave report. SecureWorks provides effective security services
by leveraging our integrated security management platform, advanced security
research, and 100 percent GIAC certified experts. By providing a full breadth
of security services, SecureWorks offers fully-managed, co-managed, monitored
or self-service security solutions to meet the needs of Fortune 100 companies
with large security teams as well as smaller companies with no security
expertise. In addition, SecureWorks has helped companies pass over 2,400
compliance audits by providing comprehensive and straight-forward board and
examination reports. SecureWorks won SC Magazine’s 2007 and 2006 MSSP of
the Year award and the 2006 Best Intrusion Prevention award, Frost &
Sullivan’s 2006 Entrepreneurial Company of the Year award and was named
to the Deloitte & Touche, Inc. 500 and Inc. 5000 lists of fastest growing
companies for the past three years. Recently, SecureWorks made #92 on
Entrepreneur Magazine’s list of the Hot 500 fastest growing businesses in
the US. <o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***References***<o:p></o:p></p>
<p class=MsoPlainText>SecureWorks Announcement<o:p></o:p></p>
<p class=MsoPlainText><a href="http://secureworks.com/research/threats/miranda/">http://secureworks.com/research/threats/miranda/</a><o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>Miranda IM<o:p></o:p></p>
<p class=MsoPlainText><a href="http://www.miranda-im.org/">http://www.miranda-im.org/</a><o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>Miranda IM v0.7.1 announcement<o:p></o:p></p>
<p class=MsoPlainText><a
href="http://www.miranda-im.org/2007/10/18/miranda-im-v071-released/">http://www.miranda-im.org/2007/10/18/miranda-im-v071-released/</a><o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>Official Yahoo! Messenger Site<o:p></o:p></p>
<p class=MsoPlainText><a href="http://messenger.yahoo.com/">http://messenger.yahoo.com/</a><o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>CVE-2007-5542 (affects version 0.6.8 only)<o:p></o:p></p>
<p class=MsoPlainText>CVE-2007-5543 (affects versions 0.6.8 and 0.7.0)<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>***CVSS Scoring (version 2.0)***<o:p></o:p></p>
<p class=MsoPlainText>Note: this is calculated for the remotely exploitable
vulnerabilities only.<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoPlainText>CVSS Base Score: 8.0<o:p></o:p></p>
<p class=MsoPlainText>Overall CVSS Score: 8.0<o:p></o:p></p>
<p class=MsoPlainText><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</body>
</html>