Vulnerability Details CVE-2008-5402
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.188
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://blog.ceruleanstudios.com/?p=404
- http://osvdb.org/50473
- http://secunia.com/advisories/33001
- http://securityreason.com/securityalert/4701
- http://www.securityfocus.com/archive/1/498933/100/0/threaded
- http://www.securityfocus.com/bid/32645
- http://www.securitytracker.com/id?1021334
- http://www.vupen.com/english/advisories/2008/3348
- http://www.zerodayinitiative.com/advisories/ZDI-08-078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47098
- http://blog.ceruleanstudios.com/?p=404
- http://osvdb.org/50473
- http://secunia.com/advisories/33001
- http://securityreason.com/securityalert/4701
- http://www.securityfocus.com/archive/1/498933/100/0/threaded
- http://www.securityfocus.com/bid/32645
- http://www.securitytracker.com/id?1021334
- http://www.vupen.com/english/advisories/2008/3348
- http://www.zerodayinitiative.com/advisories/ZDI-08-078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47098
Products affected by CVE-2008-5402
-
cpe:2.3:a:cerulean_studios:trillian:0.50
-
cpe:2.3:a:cerulean_studios:trillian:0.52
-
cpe:2.3:a:cerulean_studios:trillian:0.60
-
cpe:2.3:a:cerulean_studios:trillian:0.61
-
cpe:2.3:a:cerulean_studios:trillian:0.62
-
cpe:2.3:a:cerulean_studios:trillian:0.63
-
cpe:2.3:a:cerulean_studios:trillian:0.635
-
cpe:2.3:a:cerulean_studios:trillian:0.6351
-
cpe:2.3:a:cerulean_studios:trillian:0.70
-
cpe:2.3:a:cerulean_studios:trillian:0.71
-
cpe:2.3:a:cerulean_studios:trillian:0.72
-
cpe:2.3:a:cerulean_studios:trillian:0.725
-
cpe:2.3:a:cerulean_studios:trillian:0.73
-
cpe:2.3:a:cerulean_studios:trillian:0.74
-
cpe:2.3:a:cerulean_studios:trillian:0.74c
-
cpe:2.3:a:cerulean_studios:trillian:0.74d
-
cpe:2.3:a:cerulean_studios:trillian:0.74e
-
cpe:2.3:a:cerulean_studios:trillian:0.74f
-
cpe:2.3:a:cerulean_studios:trillian:0.74g
-
cpe:2.3:a:cerulean_studios:trillian:0.74i
-
cpe:2.3:a:cerulean_studios:trillian:1.0
-
cpe:2.3:a:cerulean_studios:trillian:2.0
-
cpe:2.3:a:cerulean_studios:trillian:2.1
-
cpe:2.3:a:cerulean_studios:trillian:3.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1
-
cpe:2.3:a:cerulean_studios:trillian:3.1.0.120
-
cpe:2.3:a:cerulean_studios:trillian:3.1.0.121
-
cpe:2.3:a:cerulean_studios:trillian:3.1.10.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.11.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.5.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.5.1
-
cpe:2.3:a:cerulean_studios:trillian:3.1.6.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.7.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.8.0
-
cpe:2.3:a:cerulean_studios:trillian:3.1.9.0
-
cpe:2.3:a:cerulean_studios:trillian_pro:*
-
cpe:2.3:a:cerulean_studios:trillian_pro:1.0
-
cpe:2.3:a:cerulean_studios:trillian_pro:2.0
-
cpe:2.3:a:cerulean_studios:trillian_pro:2.01
-
cpe:2.3:a:cerulean_studios:trillian_pro:3.0
-
cpe:2.3:a:cerulean_studios:trillian_pro:3.1.5.0
-
cpe:2.3:a:cerulean_studios:trillian_pro:3.1_build_121
-
cpe:2.3:a:ceruleanstudios:trillian:*
-
cpe:2.3:a:ceruleanstudios:trillian:3.1.0.9
-
cpe:2.3:a:ceruleanstudios:trillian:3.1.9.0
-
cpe:2.3:a:ceruleanstudios:trillian_pro:*
-
cpe:2.3:a:ceruleanstudios:trillian_pro:3.1.9.0