45 matches found
EUVD-2002-2141
Malware in sbrugna...
EUVD-2005-3141
Malware in sbrugna...
EUVD-2008-2403
Malware in sbrugna...
EUVD-2008-2006
Malware in sbrugna...
CVE-2002-2162
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion XOR for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts...
Cerulean Studios Trillian 3.0 - Remote PNG Image File Parsing Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12703/info A remote buffer overflow vulnerability affects Cerulean Studios Trillian. This issue is due to a failure of the application to securely copy image data into finite process buffers. An attacker may leverage this...
Trillian MSN SSL Certificate Validation Security Bypass Vulnerability
This host is installed with Trillian and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gbtrillianmsnauthsslcertsecbypassvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Trillian MSN SSL Certificate Validation Security Bypass Vulnerability Authors: Veerendra GG Copyright:...
CVE-2009-4831
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate...
Authentication flaw
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate...
CVE-2009-4831
Cerulean Studios Trillian 3.1 Basic does not verify SSL certificates during MSN authentication, enabling remote attackers to obtain MSN credentials via a man-in-the-middle with a spoofed certificate. CVE-2009-4831. The entry notes a MEDIUM base score (5.8) with network attack vector, no authentic...
Cerulean Studios Trillian AIM XML Tag Handling Heap Buffer Overflow (CVE-2008-5403)
Cerulean Studios' Trillian is an instant messaging IM client application that can interact with various IM protocols such as MSN, AIM, ICQ, YAHOO, etc. Specifically, AIM clients uses Open System for Communication in Realtime OSCAR protocol to talk to the backend servers. In Trillian, communicatio...
Trillian MSN验证SSL证书校验安全绕过漏洞
Bugraq ID: 35509 Trillian是一款聊天程序,和多种即时通讯程序使用相同的接口,包括AIM、ICQ、Yahoo! Messenger、MSN Messenger和IRC。 Trillian在发送MSN用户凭据前没有正确检查SSL证书,攻击者可以通过伪造的证书,在没有任何警告的境况下获得MSN用户名和密码信息。 Cerulean Studios Trillian 3.1 目前没有详细解决方案提供: http://www.ceruleanstudios.com/...
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability
ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-078 December 4, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- Vulnerability Details: This vulnerability allows remote attackers to...
Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tooltip processing code for Trillian. When creating a tooltip for an...
CVE-2008-2408
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag...
Heap overflow
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag...
Stack overflow
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message...
CVE-2008-2407
CVE-2008-2407 affects Cerulean Studios Trillian prior to 3.1.10.0, specifically a stack-based buffer overflow in AIM.DLL triggered by parsing a long attribute value in a FONT tag within a message. The underlying issue is a buffer overrun via sprintf() during message processing, allowing arbitrary...
CVE-2008-2409
CVE-2008-2409 concerns Cerulean Studios Trillian prior to 3.1.10.0. Multiple sources (NVD, ZDI, CVE lists, Nessus plugin) describe a stack-based buffer overflow in the MSN protocol header parsing, specifically in the X-MMS-IM-FORMAT header. This flaw allows remote attackers to execute arbitrary c...
ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability
ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-029 May 21, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- TippingPointTM IPS Customer Protection: TippingPoint IPS...