CVE-2007-0344

Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name	Vendor	Start Version	End Version
Colloquy	Colloquy	*	2.1 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/135.html
https://cwe.mitre.org/data/definitions/67.html

References

http://projects.info-pull.com/moab/MOAB-16-01-2007.html
http://secunia.com/advisories/23801
http://www.osvdb.org/32688
http://www.securityfocus.com/bid/22086
http://www.vupen.com/english/advisories/2007/0238
https://www.exploit-db.com/exploits/3139
http://projects.info-pull.com/moab/MOAB-16-01-2007.html
http://secunia.com/advisories/23801
http://www.osvdb.org/32688
http://www.securityfocus.com/bid/22086
http://www.vupen.com/english/advisories/2007/0238
https://www.exploit-db.com/exploits/3139

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0344
CWE	https://cwe.mitre.org/data/definitions/134.html

Use of Externally-Controlled Format String

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References