CVSS: 10.0EPSS: 26%CPEs: 55EXPL: 0CVE-2008-5401 – Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-5401
04 Dec 2008 — Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing." Desbordamiento de búfer basado en pila en la implementación del tooltip en Trillian anterior a 3.1.12.0, permite a atacantes remotos ejecutar código de su elección a través de un archivo de imagen con un nombre largo. Relacionado con "AIM IMG Tag Parsing." This vulnerability allows remote attackers to execut... • http://blog.ceruleanstudios.com/?p=404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 18%CPEs: 55EXPL: 0CVE-2008-5402 – Trillian IMG SRC ID Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-5402
04 Dec 2008 — Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." Vulnerabilidad de doble liberación en el validador en Trillian anterior a v3.1.12.0, permite a atacantes remotos ejecutar código de su elección a través de una expresión XML manipulada. Relacionado con el "IMG SRC ID". This vulnerability allows remote attackers to potentially execute arbitrary code on vulnerable installations of ... • http://blog.ceruleanstudios.com/?p=404 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 25%CPEs: 55EXPL: 0CVE-2008-5403 – Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-5403
04 Dec 2008 — Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag. Desbordamiento de búfer basado en montículo en el analizador XML en el plugin AIM en Trillian versiones anteriores a 3.1.12.0, que permite a los atacantes remotos ejecutar arbitrariamente código a través de etiquetas XML mal formadas. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean St... • http://blog.ceruleanstudios.com/?p=404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 1EXPL: 0CVE-2008-2408 – Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-2408
21 May 2008 — Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. Desbordamiento de búfer basado en montículo en la funcionalidad del analizador sintáctico XML en talk.dll en Cerulean Studios Trillian Pro anteriores a 3.1.10.0, permite a atacantes remotos ejecutar código arbitrario a través de un atributo mal formado en una etiqueta IMG. This vulnerability allows ... • http://archives.neohapsis.com/archives/bugtraq/2008-05/0284.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 20%CPEs: 1EXPL: 0CVE-2007-2478
https://notcve.org/view.php?id=CVE-2007-2478
03 May 2007 — Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. Múltiples desbordamientos de búfer basado en pila en el componente IRC en Cerulean Studios Trillian Pro anterior a 3.1.5.1 permite a atacantes remotos corr... • http://blog.ceruleanstudios.com/?p=131 •
CVSS: 10.0EPSS: 23%CPEs: 2EXPL: 0CVE-2007-2418
https://notcve.org/view.php?id=CVE-2007-2418
02 May 2007 — Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. Desbordamiento de búfer basado en pila en el componente Rendezvous / Extensible Messaging y Presence Protocol (XMPP) (plugins\rendezvous.dll) para Cerulean Studios Trillian Pro anterior a 3.1.5.1 ... • http://blog.ceruleanstudios.com/?p=131 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2004-2304
https://notcve.org/view.php?id=CVE-2004-2304
31 Dec 2004 — Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. • http://lists.seifried.org/pipermail/security/2004-February/001869.html •
CVSS: 9.8EPSS: 5%CPEs: 13EXPL: 0CVE-2004-2370
https://notcve.org/view.php?id=CVE-2004-2370
31 Dec 2004 — Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017766.html •