29 matches found
EUVD-2008-2403
Malware in sbrugna...
EUVD-2007-2472
Malware in sbrugna...
EUVD-2008-2006
Malware in sbrugna...
EUVD-2005-2445
Malware in sbrugna...
Heap overflow
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag...
CVE-2008-2408
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag...
CVE-2008-2408
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag...
CVE-2008-2408
CVE-2008-2408 concerns Cerulean Studios Trillian Pro before 3.1.10.0, where the XML parsing in talk.dll is vulnerable. The issue is a heap-based buffer overflow triggered by a malformed attribute in an IMG tag, allowing remote attackers to execute arbitrary code. The vulnerability is exploitable ...
ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability
ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-031 May 21, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers...
Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within XML parsing in talk.dll. When processing certain malformed attributes...
Trillian MSN MIME Header Stack-Based Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the header parsing code for the msn protocol. When processing the...
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption http://dvlabs.tippingpoint.com/advisory/TPTI-07-06 May 2, 2007 -- CVE ID: CVE-2007-2418 -- Affected Vendor: Cerulean Studios -- Affected Products: Trillian Pro 3.1 build 121 and below -- TippingPointTM IPS Customer Protection:...
Design/Logic Flaw
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...
Heap overflow
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...
CVE-2007-2478
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...
CVE-2007-2479
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...
CVE-2007-2478
CVE-2007-2478 affects Cerulean Studios Trillian Pro’s IRC component prior to 3.1.5.1. It describes two heap-based buffer overflows triggered by long UTF-8 data: (1) a URL with a long UTF-8 string highlighted by the user, and (2) a font HTML tag with a face attribute containing a long UTF-8 string...
CVE-2007-2479
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...
CVE-2007-2479
CVE-2007-2479 affects Cerulean Studios Trillian Pro before 3.1.5.1. The vulnerability arises from processing long CTCP PING messages containing UTF-8 characters, producing a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to an attack...
CVE-2007-2478
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...