Vulnerabilities > Cerulean Studios > Trillian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-04-02 | CVE-2002-1485 | Remote Denial Of Service vulnerability in Cerulean Studios Trillian 0.73/0.74 The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C". | 5.0 |
| 2002-12-31 | CVE-2002-2366 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian 0.6351/0.725/0.73 Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. | 6.8 |
| 2002-12-31 | CVE-2002-2162 | Unspecified vulnerability in Cerulean Studios Trillian 0.6351/0.725/0.73 Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts. | 4.6 |
| 2001-10-02 | CVE-2001-1419 | AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | 5.0 |