Shodan
Vulnerabilities
Vulnerable Software
Cerulean Studios:  >> Trillian  >> 0.74  Security Vulnerabilities
CVE-2008-5403
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
CVSS Score
10.0
EPSS Score
0.079
Published
2008-12-10
CVE-2008-5401
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
CVSS Score
10.0
EPSS Score
0.079
Published
2008-12-10
CVE-2008-5402
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
CVSS Score
10.0
EPSS Score
0.07
Published
2008-12-10
CVE-2008-2409
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
CVSS Score
9.3
EPSS Score
0.061
Published
2008-05-23
CVE-2004-2304
Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.038
Published
2004-12-31
CVE-2004-2370
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
CVSS Score
7.5
EPSS Score
0.037
Published
2004-12-31
CVE-2003-0520
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
CVSS Score
5.0
EPSS Score
0.013
Published
2003-08-18
CVE-2002-1485
The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C".
CVSS Score
5.0
EPSS Score
0.013
Published
2003-04-02
CVE-2002-1486
Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.
CVSS Score
7.5
EPSS Score
0.094
Published
2003-04-02
CVE-2002-1487
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367.
CVSS Score
5.0
EPSS Score
0.136
Published
2003-04-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved