CVE-2007-3305
Severity Score
Exploit Likelihood
Affected Versions
1Public Exploits
0Exploited in Wild
-Decision
Descriptions
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
Desbordamiento de búfer basado en pila en Cerulean Studios Trillian 3.x anterior a 3.1.6.0 permite a atacantes remotos ejecutar código de su elección mediante un mensaje enviado a través del protocolo MSN, o posiblemente otros protocolos, con una cadena UTF-8 artesanal, lo cual provoca un reserva de memoria no válida cuando el ancho de ventana es usado como tamaño de búfer, una vulnerabilidad diferente que CVE-2007-2478.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-06-20 CVE Reserved
- 2007-06-21 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://blog.ceruleanstudios.com/?p=150 | X_refsource_confirm | |
| http://labs.idefense.com/intelligence/vulnerabilitie... | Third Party Advisory | |
| http://osvdb.org/37446 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/187033 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/24523 | Vdb Entry | |
| http://www.securitytracker.com/id?1018265 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2246 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities... | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|