Lucene search
HistoryMay 23, 2008 - 3:32 p.m.
CVE-2008-2408
cve-2008-2408
trillian pro
xml parsing
buffer overflow
security vulnerability
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
High
0.152 Low
EPSS
Percentile
95.9%
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag.
Affected configurations
Node
ceruleanstudiostrillian_proRange≤3.1.9.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| ceruleanstudios:trillian_pro | ceruleanstudios trillian pro | le | 3.1.9.0 |
Related
zdi
zdi
Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
2008-05-21 00:00:00
cvelist
cvelist
CVE-2008-2408
2008-05-23 15:00:00
prion
prion
Heap overflow
2008-05-23 15:32:00
nvd
nvd
CVE-2008-2408
2008-05-23 15:32:00
nessus
nessus
Trillian < 3.1.10.0 Multiple Vulnerabilities
2008-05-22 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
High
0.152 Low
EPSS
Percentile
95.9%
Related for CVE-2008-2408