Vulnerabilities > Cerulean Studios > Trillian > 3.1.0.120

DATE CVE VULNERABILITY TITLE RISK
2008-12-10 CVE-2008-5403 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
network
low complexity
cerulean-studios ceruleanstudios CWE-119
critical
 10.0
10
2008-12-10 CVE-2008-5402 Resource Management Errors vulnerability in multiple products
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
network
low complexity
cerulean-studios ceruleanstudios CWE-399
critical
 10.0
10
2008-12-10 CVE-2008-5401 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
network
low complexity
cerulean-studios ceruleanstudios CWE-119
critical
 10.0
10
2006-02-04 CVE-2006-0543 Denial-Of-Service vulnerability in Cerulean Studios Trillian 3.1.0.120
Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5.
network
low complexity
cerulean-studios
5.0
5.0