Unrated severityNVD Advisory· Published Jan 18, 2007· Updated Apr 23, 2026

CVE-2007-0344

Description

Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.

Affected products

Colloquy/Colloquy
cpe:2.3:a:colloquy:colloquy:*:*:*:*:*:*:*:*
Range: <=2.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/23801nvdPatchVendor Advisory
projects.info-pull.com/moab/MOAB-16-01-2007.htmlnvdExploit
www.securityfocus.com/bid/22086nvdExploitPatch
www.vupen.com/english/advisories/2007/0238nvdVendor Advisory
www.osvdb.org/32688nvd
www.exploit-db.com/exploits/3139nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000