CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 2CVE-2002-2162 – Trillian Instant Messaging 0.x - Credential Encryption
https://notcve.org/view.php?id=CVE-2002-2162
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts. • https://www.exploit-db.com/exploits/21781 http://www.iss.net/security_center/static/10092.php http://www.securityfocus.com/archive/1/291071 http://www.securityfocus.com/bid/5677 •
CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 0CVE-2002-2366
https://notcve.org/view.php?id=CVE-2002-2366
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. • http://archives.neohapsis.com/archives/bugtraq/2002-08/0334.html http://www.iss.net/security_center/static/9999.php http://www.securityfocus.com/bid/5601 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 3EXPL: 4CVE-2002-2390
https://notcve.org/view.php?id=CVE-2002-2390
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0206.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0224.html http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001890.html http://www.iss.net/security_center/static/10118.php http://www.securityfocus.com/bid/5733 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •