Vulnerabilities > Cerulean Studios > Trillian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-10 | CVE-2008-5401 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing." | 10.0 |
| 2008-12-10 | CVE-2008-5402 | Resource Management Errors vulnerability in multiple products Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." | 10.0 |
| 2008-12-10 | CVE-2008-5403 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag. | 10.0 |
| 2008-05-23 | CVE-2008-2409 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message. | 9.3 |
| 2008-04-29 | CVE-2008-2008 | Buffer Errors vulnerability in Cerulean Studios Trillian 3.1.9.0 Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message. | 9.3 |
| 2007-07-17 | CVE-2007-3832 | Buffer Errors vulnerability in Cerulean Studios Trillian 3.1.6.0 Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring. | 9.3 |
| 2007-06-21 | CVE-2007-3305 | Buffer Overflow vulnerability in Cerulean Studios Trillian 3.1 Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478. | 9.3 |
| 2002-12-31 | CVE-2002-2390 | Buffer Errors vulnerability in Cerulean Studios Trillian and Trillian PRO Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | 10.0 |