77 matches found
EUVD-2005-3141
Malware in sbrugna...
EUVD-2007-2472
Malware in sbrugna...
EUVD-2006-0550
Malware in sbrugna...
EUVD-2008-2403
Malware in sbrugna...
EUVD-2007-0681
Malware in sbrugna...
EUVD-2008-2006
Malware in sbrugna...
EUVD-2007-3817
Malware in sbrugna...
EUVD-2002-2141
Malware in sbrugna...
CVE-2002-2162
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion XOR for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts...
CVE-2006-0543
Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service client crash via an AIM message containing the Mac encoded Rich Text Format RTF escape sequences 1 'd1, 2 'd2, 3 'd3, 4 'd4, and 5 'd5. NOTE: the provenance of this information is unknown; the details are obtained...
Code injection
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the previewactions template to perform a XSS, e.g. by using URL such as:...
Cerulean Studios Trillian 3.0 - Remote PNG Image File Parsing Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12703/info A remote buffer overflow vulnerability affects Cerulean Studios Trillian. This issue is due to a failure of the application to securely copy image data into finite process buffers. An attacker may leverage this...
Trillian MSN SSL Certificate Validation Security Bypass Vulnerability
This host is installed with Trillian and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gbtrillianmsnauthsslcertsecbypassvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Trillian MSN SSL Certificate Validation Security Bypass Vulnerability Authors: Veerendra GG Copyright:...
Authentication flaw
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate...
CVE-2009-4831
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate...
CVE-2009-4831
Cerulean Studios Trillian 3.1 Basic does not verify SSL certificates during MSN authentication, enabling remote attackers to obtain MSN credentials via a man-in-the-middle with a spoofed certificate. CVE-2009-4831. The entry notes a MEDIUM base score (5.8) with network attack vector, no authentic...
Cerulean Studios Trillian Image Filename XML Tag Stack Buffer Overflow (CVE-2008-5401)
Cerulean Studios' Trillian is an instant messaging IM client application that can interact with various IM protocols such as MSN, AIM, ICQ, YAHOO, etc. There exists a stack buffer overflow vulnerability in Trillian instant messenger client application. The vulnerability is due to a boundary error...
Cerulean Studios Trillian AIM XML Tag Handling Heap Buffer Overflow (CVE-2008-5403)
Cerulean Studios' Trillian is an instant messaging IM client application that can interact with various IM protocols such as MSN, AIM, ICQ, YAHOO, etc. Specifically, AIM clients uses Open System for Communication in Realtime OSCAR protocol to talk to the backend servers. In Trillian, communicatio...
Trillian MSN验证SSL证书校验安全绕过漏洞
Bugraq ID: 35509 Trillian是一款聊天程序,和多种即时通讯程序使用相同的接口,包括AIM、ICQ、Yahoo! Messenger、MSN Messenger和IRC。 Trillian在发送MSN用户凭据前没有正确检查SSL证书,攻击者可以通过伪造的证书,在没有任何警告的境况下获得MSN用户名和密码信息。 Cerulean Studios Trillian 3.1 目前没有详细解决方案提供: http://www.ceruleanstudios.com/...
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-078 December 4, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- Vulnerability Details: This vulnerability allows remote attackers to...