EUVD-2009-4794

Malware in sbrugna...

The vulnerability of Trillian software allows a malicious attacker to compromise the confidentiality and integrity of protected information.

The vulnerability exists in Cerulean Studios Trillian due to the lack of verification of SSL certificates during MSN authentication. Exploiting this vulnerability allows malicious actors operating remotely to obtain MSN credentials by using a “man-in-the-middle” attack and replacing the SSL...