CVSS: 9.8EPSS: 30%CPEs: 1EXPL: 0CVE-2007-3305
https://notcve.org/view.php?id=CVE-2007-3305
21 Jun 2007 — Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478. Desbordamiento de búfer basado en pila en Cerulean Studios Trillian 3.x anterior a 3.1.6.0 permite a atacantes remotos ejecutar códi... • http://blog.ceruleanstudios.com/?p=150 •
CVSS: 7.1EPSS: 1%CPEs: 2EXPL: 0CVE-2007-2479
https://notcve.org/view.php?id=CVE-2007-2479
03 May 2007 — Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker. Cerulean Studios Trillian Pro anterior a 3.1.5.1 permite a atacantes remotos obtener informacion potencialmente sensible a través de mensajes CTCP PING largo que contienen caracteres UTF-8, lo c... • http://blog.ceruleanstudios.com/?p=131 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0543
https://notcve.org/view.php?id=CVE-2006-0543
04 Feb 2006 — Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://www.osvdb.org/22877 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3141
https://notcve.org/view.php?id=CVE-2005-3141
05 Oct 2005 — Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ. • http://ceruleanstudios.com/forums/showthread.php?s=84987af3601384b1dc7ea1f36b237c9c&threadid=64889 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0874
https://notcve.org/view.php?id=CVE-2005-0874
26 Mar 2005 — Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. • http://marc.info/?l=bugtraq&m=111171416802350&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0875
https://notcve.org/view.php?id=CVE-2005-0875
26 Mar 2005 — Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. • http://marc.info/?l=bugtraq&m=111171416802350&w=2 •
CVSS: 8.8EPSS: 9%CPEs: 2EXPL: 1CVE-2005-0633 – Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0633
02 Mar 2005 — Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. • https://www.exploit-db.com/exploits/852 •
CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 4CVE-2004-1666 – Trillian 0.74i MSN Module - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1666
31 Dec 2004 — Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character. • https://www.exploit-db.com/exploits/435 •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2004-2304
https://notcve.org/view.php?id=CVE-2004-2304
31 Dec 2004 — Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. • http://lists.seifried.org/pipermail/security/2004-February/001869.html •
CVSS: 9.8EPSS: 5%CPEs: 13EXPL: 0CVE-2004-2370
https://notcve.org/view.php?id=CVE-2004-2370
31 Dec 2004 — Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017766.html •