Cerulean Studios: >> Trillian Pro >> 3.1_build_121 Security Vulnerabilities
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
CVSS Score
10.0
EPSS Score
0.256
Published
2008-12-10
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
CVSS Score
10.0
EPSS Score
0.267
Published
2008-12-10
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
CVSS Score
10.0
EPSS Score
0.188
Published
2008-12-10
Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-08-03