Lucene search

PRIOn knowledge basePRION:CVE-2007-2418

HistoryMay 02, 2007 - 10:19 p.m.

Heap overflow

2007-05-0222:19:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.112 Low

EPSS

Percentile

95.0%

JSON

Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.

CPENameOperatorVersion
trillian_proeq<= 3.1build121
trillian_prole3.1.5.0

CPE	Name	Operator	Version
	trillian_pro	eq	<= 3.1build121
	trillian_pro	le	3.1.5.0

References

blog.ceruleanstudios.com/?p=131

dvlabs.tippingpoint.com/advisory/TPTI-07-06

osvdb.org/35720

www.securityfocus.com/archive/1/467439/100/0/threaded

www.securityfocus.com/bid/23781

exchange.xforce.ibmcloud.com/vulnerabilities/34059

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.112 Low

EPSS

Percentile

95.0%

JSON

Related for PRION:CVE-2007-2418