Vulnerabilities > Cerulean Studios > Trillian > 0.74
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-10 | CVE-2008-5403 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag. | 10.0 |
| 2008-12-10 | CVE-2008-5402 | Resource Management Errors vulnerability in multiple products Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." | 10.0 |
| 2008-12-10 | CVE-2008-5401 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing." | 10.0 |
| 2008-05-23 | CVE-2008-2409 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message. | 9.3 |
| 2004-12-31 | CVE-2004-2370 | Remote Security vulnerability in Cerulean Studios Trillian and Trillian PRO Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | 7.5 |
| 2004-12-31 | CVE-2004-2304 | Remote Boundary Condition Error vulnerability in Cerulean Studios Trillian and Trillian PRO Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | 7.5 |
| 2003-08-18 | CVE-2003-0520 | Denial Of Service vulnerability in Cerulean Studios Trillian 0.74/1.0 Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | 5.0 |
| 2003-04-02 | CVE-2002-1488 | Denial Of Service vulnerability in Cerulean Studios Trillian 0.74 The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) via a PART message with (1) a missing channel or (2) a channel that the Trillian user is not in. | 5.0 |
| 2003-04-02 | CVE-2002-1487 | Denial Of Service vulnerability in Cerulean Studios Trillian 0.74 The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367. | 5.0 |
| 2003-04-02 | CVE-2002-1486 | Buffer Overflow vulnerability in Cerulean Studios Trillian 0.725/0.73/0.74 Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server. | 7.5 |