Vulnerabilities > Cerulean Studios > Trillian PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-10 | CVE-2008-5403 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag. | 10.0 |
| 2008-12-10 | CVE-2008-5402 | Resource Management Errors vulnerability in multiple products Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." | 10.0 |
| 2008-12-10 | CVE-2008-5401 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing." | 10.0 |
| 2007-05-03 | CVE-2007-2478 | IRC Module UTF-8 vulnerability in Cerulean Studios Trillian Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. | 9.3 |
| 2007-05-02 | CVE-2007-2418 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian PRO Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | 10.0 |
| 2005-08-03 | CVE-2005-2444 | Information Disclosure vulnerability in Cerulean Studios Trillian PRO 3.1Build121 Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | 2.1 |
| 2005-03-02 | CVE-2005-0633 | Remote PNG Image File Parsing Buffer Overflow vulnerability in Cerulean Studios Trillian and Trillian PRO Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | 7.5 |
| 2004-12-31 | CVE-2004-2370 | Remote Security vulnerability in Cerulean Studios Trillian and Trillian PRO Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | 7.5 |
| 2004-12-31 | CVE-2004-2304 | Remote Boundary Condition Error vulnerability in Cerulean Studios Trillian and Trillian PRO Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | 7.5 |
| 2002-12-31 | CVE-2002-2390 | Buffer Errors vulnerability in Cerulean Studios Trillian and Trillian PRO Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | 10.0 |