Vulnerabilities > Cerulean Studios
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-05-03 | CVE-2007-2479 | Information Exposure vulnerability in Cerulean Studios Trillian 3.1 Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker. | 7.1 |
| 2007-05-03 | CVE-2007-2478 | IRC Module UTF-8 vulnerability in Cerulean Studios Trillian Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. | 9.3 |
| 2007-05-02 | CVE-2007-2418 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian PRO Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | 10.0 |
| 2006-02-04 | CVE-2006-0543 | Denial-Of-Service vulnerability in Cerulean Studios Trillian 3.1.0.120 Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. | 5.0 |
| 2005-10-05 | CVE-2005-3141 | Denial-Of-Service vulnerability in Cerulean Studios Trillian 3.0 Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ. | 5.0 |
| 2005-08-03 | CVE-2005-2444 | Information Disclosure vulnerability in Cerulean Studios Trillian PRO 3.1Build121 Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | 2.1 |
| 2005-05-02 | CVE-2005-0875 | Unspecified vulnerability in Cerulean Studios Trillian 2.0/3.0/3.1 Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-05-02 | CVE-2005-0874 | Unspecified vulnerability in Cerulean Studios Trillian 2.0 Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-03-02 | CVE-2005-0633 | Remote PNG Image File Parsing Buffer Overflow vulnerability in Cerulean Studios Trillian and Trillian PRO Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | 7.5 |
| 2004-12-31 | CVE-2004-2370 | Remote Security vulnerability in Cerulean Studios Trillian and Trillian PRO Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | 7.5 |