CVSS: 9.8EPSS: 20%CPEs: 1EXPL: 0CVE-2007-2478
https://notcve.org/view.php?id=CVE-2007-2478
03 May 2007 — Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. Múltiples desbordamientos de búfer basado en pila en el componente IRC en Cerulean Studios Trillian Pro anterior a 3.1.5.1 permite a atacantes remotos corr... • http://blog.ceruleanstudios.com/?p=131 •
CVSS: 7.1EPSS: 1%CPEs: 2EXPL: 0CVE-2007-2479
https://notcve.org/view.php?id=CVE-2007-2479
03 May 2007 — Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker. Cerulean Studios Trillian Pro anterior a 3.1.5.1 permite a atacantes remotos obtener informacion potencialmente sensible a través de mensajes CTCP PING largo que contienen caracteres UTF-8, lo c... • http://blog.ceruleanstudios.com/?p=131 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 23%CPEs: 2EXPL: 0CVE-2007-2418
https://notcve.org/view.php?id=CVE-2007-2418
02 May 2007 — Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. Desbordamiento de búfer basado en pila en el componente Rendezvous / Extensible Messaging y Presence Protocol (XMPP) (plugins\rendezvous.dll) para Cerulean Studios Trillian Pro anterior a 3.1.5.1 ... • http://blog.ceruleanstudios.com/?p=131 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0543
https://notcve.org/view.php?id=CVE-2006-0543
04 Feb 2006 — Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://www.osvdb.org/22877 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3141
https://notcve.org/view.php?id=CVE-2005-3141
05 Oct 2005 — Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ. • http://ceruleanstudios.com/forums/showthread.php?s=84987af3601384b1dc7ea1f36b237c9c&threadid=64889 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2444
https://notcve.org/view.php?id=CVE-2005-2444
03 Aug 2005 — Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. Trillian Pro 3.1 build 121, cuando comprueba el e-mail de Yahoo, almacena el password en texto plano en un fichero legible y no borra ese fichero después del login, lo que permite que usuarios locales conozcan esa información. • http://marc.info/?l=bugtraq&m=112274667603628&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0874
https://notcve.org/view.php?id=CVE-2005-0874
26 Mar 2005 — Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. • http://marc.info/?l=bugtraq&m=111171416802350&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0875
https://notcve.org/view.php?id=CVE-2005-0875
26 Mar 2005 — Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. • http://marc.info/?l=bugtraq&m=111171416802350&w=2 •
CVSS: 8.8EPSS: 9%CPEs: 2EXPL: 1CVE-2005-0633 – Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0633
02 Mar 2005 — Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. • https://www.exploit-db.com/exploits/852 •
CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 4CVE-2004-1666 – Trillian 0.74i MSN Module - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1666
31 Dec 2004 — Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character. • https://www.exploit-db.com/exploits/435 •