Cerulean Studios: >> Trillian >> 3.0 Security Vulnerabilities
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
CVSS Score
10.0
EPSS Score
0.256
Published
2008-12-10
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
CVSS Score
10.0
EPSS Score
0.267
Published
2008-12-10
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
CVSS Score
10.0
EPSS Score
0.188
Published
2008-12-10
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
CVSS Score
9.3
EPSS Score
0.17
Published
2008-05-23
Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.
CVSS Score
5.0
EPSS Score
0.009
Published
2005-10-05
Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
CVSS Score
5.0
EPSS Score
0.005
Published
2005-05-02
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
CVSS Score
7.5
EPSS Score
0.099
Published
2005-03-02