Unrated severityNVD Advisory· Published Nov 10, 2007· Updated Jun 16, 2026
CVE-2007-5396
CVE-2007-5396
Description
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:miranda-im:miranda_im:0.7.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:miranda-im:miranda_im:0.7.1:*:*:*:*:*:*:*
- (no CPE)range: = 0.7.1
Patches
Vulnerability mechanics
References
6- secunia.com/advisories/27402nvdPatchVendor Advisory
- miranda.svn.sourceforge.net/viewvc/miranda/trunk/miranda/protocols/Yahoo/yahoo.cnvd
- secunia.com/secunia_research/2007-89/advisory/nvd
- www.securityfocus.com/bid/26389nvd
- www.vupen.com/english/advisories/2007/3823nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38362nvd
News mentions
0No linked articles in our index yet.