Cerulean Studios: Security Vulnerabilities, CVEs (Overflow)
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
Max CVSS: 10.0; EPSS Score: 70.75%; Published: 2008-12-10; Updated: 2018-10-11
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
Max CVSS: 10.0; EPSS Score: 71.46%; Published: 2008-12-10; Updated: 2018-10-11
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
Max CVSS: 9.3; EPSS Score: 52.52%; Published: 2008-05-23; Updated: 2017-08-08
Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message.
Max CVSS: 9.3; EPSS Score: 4.89%; Published: 2008-04-29; Updated: 2018-10-11
Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.
Max CVSS: 9.3; EPSS Score: 21.95%; Published: 2007-07-17; Updated: 2017-07-29
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
Max CVSS: 9.3; EPSS Score: 30.85%; Published: 2007-06-21; Updated: 2017-07-29
Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.
Max CVSS: 10.0; EPSS Score: 11.21%; Published: 2007-05-02; Updated: 2018-10-16
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
Max CVSS: 7.5; EPSS Score: 4.17%; Published: 2005-03-02; Updated: 2016-10-18
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
Max CVSS: 7.5; EPSS Score: 17.75%; Published: 2004-12-31; Updated: 2017-07-11
Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
Max CVSS: 7.5; EPSS Score: 9.59%; Published: 2004-12-31; Updated: 2017-07-11
Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character.
Max CVSS: 7.5; EPSS Score: 1.35%; Published: 2004-12-31; Updated: 2017-07-11
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
Max CVSS: 10.0; EPSS Score: 2.64%; Published: 2002-12-31; Updated: 2008-09-05
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml.
Max CVSS: 6.8; EPSS Score: 1.25%; Published: 2002-12-31; Updated: 2008-09-05
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allows remote attackers to execute arbitrary code via a long DCC Chat message.
Max CVSS: 7.5; EPSS Score: 1.00%; Published: 2002-12-31; Updated: 2008-09-05
Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.
Max CVSS: 7.5; EPSS Score: 0.33%; Published: 2002-12-31; Updated: 2008-09-05
15 vulnerabilities found