Trillian Security Vulnerabilities and Issues — Trillian CVE List

Lucene search

Cerulean StudiosTrillian

12 matches found

CVE•added 2005/11/16 9:17 p.m.•51 views

CVE-2002-2162

Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.

4.6CVSS6.5AI score0.00147EPSS

CVE•added 2005/08/16 4:0 a.m.•40 views

CVE-2004-2304

Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.

7.5CVSS8.1AI score0.03243EPSS

CVE•added 2005/08/16 4:0 a.m.•38 views

CVE-2004-2370

Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.

7.5CVSS8.5AI score0.05421EPSS

CVE•added 2005/03/04 5:0 a.m.•38 views

CVE-2005-0633

Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.

7.5CVSS8.2AI score0.0988EPSS

CVE•added 2005/03/20 5:0 a.m.•36 views

CVE-2001-1419

AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "

5CVSS6.9AI score0.07132EPSS

CVE•added 2005/05/02 4:0 a.m.•36 views

CVE-2005-0874

Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.

5CVSS7.2AI score0.00506EPSS

CVE•added 2005/10/05 9:2 p.m.•35 views

CVE-2005-3141

Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.

5CVSS7AI score0.00911EPSS

CVE•added 2005/11/16 9:17 p.m.•33 views

CVE-2002-2173

Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.

7.5CVSS8.2AI score0.0321EPSS

CVE•added 2005/11/16 9:17 p.m.•32 views

CVE-2002-2156

Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.

7.5CVSS8.2AI score0.01185EPSS

CVE•added 2005/02/20 5:0 a.m.•32 views

CVE-2004-1666

Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character.

7.5CVSS7.8AI score0.07543EPSS

CVE•added 2005/11/16 9:17 p.m.•29 views

CVE-2002-2155

Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name.

7.5CVSS8AI score0.00742EPSS

CVE•added 2005/05/02 4:0 a.m.•26 views

CVE-2005-0875

Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.

5CVSS7.2AI score0.00483EPSS