CVSS: 9.3EPSS: 30%CPEs: 1EXPL: 0CVE-2007-3305
https://notcve.org/view.php?id=CVE-2007-3305
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478. Desbordamiento de búfer basado en pila en Cerulean Studios Trillian 3.x anterior a 3.1.6.0 permite a atacantes remotos ejecutar código de su elección mediante un mensaje enviado a través del protocolo MSN, o posiblemente otros protocolos, con una cadena UTF-8 artesanal, lo cual provoca un reserva de memoria no válida cuando el ancho de ventana es usado como tamaño de búfer, una vulnerabilidad diferente que CVE-2007-2478. • http://blog.ceruleanstudios.com/?p=150 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=545 http://osvdb.org/37446 http://secunia.com/advisories/25736 http://www.kb.cert.org/vuls/id/187033 http://www.securityfocus.com/bid/24523 http://www.securitytracker.com/id?1018265 http://www.vupen.com/english/advisories/2007/2246 https://exchange.xforce.ibmcloud.com/vulnerabilities/34918 •
CVSS: 7.5EPSS: 10%CPEs: 13EXPL: 0CVE-2004-2370
https://notcve.org/view.php?id=CVE-2004-2370
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017766.html http://secunia.com/advisories/10973 http://security.e-matters.de/advisories/022004.html http://securitytracker.com/id?1009220 http://www.osvdb.org/4060 https://exchange.xforce.ibmcloud.com/vulnerabilities/15304 •
CVSS: 7.5EPSS: 7%CPEs: 7EXPL: 0CVE-2004-2304
https://notcve.org/view.php?id=CVE-2004-2304
Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. • http://lists.seifried.org/pipermail/security/2004-February/001869.html http://secunia.com/advisories/10973 http://security.e-matters.de/advisories/022004.html http://securitytracker.com/id?1009220 http://www.osvdb.org/4056 http://www.securityfocus.com/bid/9489 https://exchange.xforce.ibmcloud.com/vulnerabilities/15303 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0520
https://notcve.org/view.php?id=CVE-2003-0520
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. Trillian 1.0 Pro y 0.74 Freeware permite a atacantes remotos causar una denegación de servicio (caída) mediente un mensaje TypingUser en el que la cadena "TypingUser" ha sido modificada. • http://marc.info/?l=bugtraq&m=105735714318026&w=2 http://www.securityfocus.com/bid/8107 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 8CVE-2002-1486 – Trillian 0.725/0.73/0.74 - IRC User Mode Numeric Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1486
Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server. Multiples desbordamiento de búfer en el componente IRC de Trillian 0.73 y 0.74 permite a servidores IRC remotos malintencionados causar la Denegación de Servicios y posiblemente la ejecución de código arbitrario mediante: una respuesta larga del servidor. un JOIN con un nombre de canal largo. un mensaje largo raw 221. un PRIVMSG con un alias (nick) largo. una respuesta larga de un servidor IDENT. • https://www.exploit-db.com/exploits/21816 https://www.exploit-db.com/exploits/21813 https://www.exploit-db.com/exploits/21823 https://www.exploit-db.com/exploits/21804 https://www.exploit-db.com/exploits/21810 http://archives.neohapsis.com/archives/bugtraq/2002-09/0258.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0266.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html http:&#x •