Trillian RTF Character Remote DoS

2006-02-01T00:00:00
ID OSVDB:22877
Type osvdb
Reporter Sullo(sullo@cirt.net)
Modified 2006-02-01T00:00:00

Description

Vulnerability Description

Trillian contains a flaw that may allow a remote denial of service. The issue is triggered when an AIM message is received with certain Mac encoded RTF character codes. The codes are: \'d1 \'d2 \'d3 \'d4 \'d5, and can be accidentally sent by by copying text from an OSX application and pasting it to the victim. The victim's client will close immediately upon receiving such characters.

Solution Description

Upgrade to version 3.1.0.121 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Trillian contains a flaw that may allow a remote denial of service. The issue is triggered when an AIM message is received with certain Mac encoded RTF character codes. The codes are: \'d1 \'d2 \'d3 \'d4 \'d5, and can be accidentally sent by by copying text from an OSX application and pasting it to the victim. The victim's client will close immediately upon receiving such characters.

References:

CVE-2006-0543