CVE-2008-2409
Trillian MSN MIME Header Stack-Based Overflow Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
Desbordamiento de búfer basado en pila en Cerulean Studios Trillian Pro anteriores a 3.1.10.0, permite a atacantes remotos ejecutar código arbitrario a través de atributos no especificados en la cabecera X-MMS-IM-FORMAT en un mensaje MSN.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the header parsing code for the msn protocol. When processing the X-MMS-IM-FORMAT header, certain attributes are copied into a buffer located on the stack without any length verification which can eventually lead to code execution with the privileges of the user that is running the application.
*Credits:
tw33k and n8
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-05-21 CVE Published
- 2008-05-22 CVE Reserved
- 2024-08-07 CVE Updated
- 2024-10-25 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1020106 | Vdb Entry | |
| http://www.securityfocus.com/bid/29330 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/1622 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42576 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2008-05/0285.html | 2017-08-08 | |
| http://www.zerodayinitiative.com/advisories/ZDI-08-031 | 2017-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/30336 | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.71 Search vendor "Cerulean Studios" for product "Trillian" and version "0.71" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.73 Search vendor "Cerulean Studios" for product "Trillian" and version "0.73" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.74 Search vendor "Cerulean Studios" for product "Trillian" and version "0.74" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.74i Search vendor "Cerulean Studios" for product "Trillian" and version "0.74i" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.725 Search vendor "Cerulean Studios" for product "Trillian" and version "0.725" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 0.6351 Search vendor "Cerulean Studios" for product "Trillian" and version "0.6351" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 2.0 Search vendor "Cerulean Studios" for product "Trillian" and version "2.0" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 2.1 Search vendor "Cerulean Studios" for product "Trillian" and version "2.1" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.0 Search vendor "Cerulean Studios" for product "Trillian" and version "3.0" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1.5.0 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1.5.0" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1.5.1 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1.5.1" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1.6.0 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1.6.0" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1.7.0 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1.7.0" | - |
Affected
| ||||||
| Cerulean Studios Search vendor "Cerulean Studios" | Trillian Search vendor "Cerulean Studios" for product "Trillian" | 3.1.9.0 Search vendor "Cerulean Studios" for product "Trillian" and version "3.1.9.0" | - |
Affected
| ||||||