[VIM] Vendor ack for Miranda IM PopUp overflow (CAN-2005-1093)

Steven M. Christey coley at mitre.org
Thu May 19 13:09:29 EDT 2005

Juha-Matti Laurio informed CVE of vendor acknowledgement for the
Miranda IM PopUp overflow (CAN-2005-1093):

  "Popup+: remotely exploitable buffer overflow"

  "Critical Bug In PopUp Plus Plugin"

The News Column on the vendor front page (http://www.miranda-im.org/)
also has an entry dated 19/04/2005 that says:

  Popup+ Remotely exploitable overflow - by Sam K (19/04/2005)

  As reported on various security mailing lists - The Popup+ plugin
  contains a bug when used with smiley add that lets a remote attack
  run arbitrary code from a crafted instant message on any protocol.


  - PopUp is a plugin for Miranda IM
  - the PopUp author is known as "zazoo" but also posted as "nullbie"
    on the Miranda IM forums

- Steve

More information about the VIM mailing list