Cerulean Studios » Trillian » 2.0 : Security Vulnerabilities, CVEs,
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
Max CVSS
10.0
EPSS Score
70.75%
Published
2008-12-10
Updated
2018-10-11
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
Max CVSS
10.0
EPSS Score
25.09%
Published
2008-12-10
Updated
2018-10-11
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
Max CVSS
10.0
EPSS Score
71.46%
Published
2008-12-10
Updated
2018-10-11
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
Max CVSS
9.3
EPSS Score
52.52%
Published
2008-05-23
Updated
2017-08-08
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
Max CVSS
9.3
EPSS Score
30.85%
Published
2007-06-21
Updated
2017-07-29
Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
Max CVSS
5.0
EPSS Score
0.12%
Published
2005-05-02
Updated
2016-10-18
Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
Max CVSS
5.0
EPSS Score
0.32%
Published
2005-05-02
Updated
2016-10-18
7 vulnerabilities found