See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow

Type securityvulns
Reporter Securityvulns
Modified 2005-03-09T00:00:00


See-security Technologies ltd.

[-] Product Information
Trillian is a fully featured, stand-alone, skinnable chat client that supports AIM, ICQ, MSN, Yahoo Messenger, and IRC.

[-] Vulnerability Description
Trillian contains a buffer overflow vulnerability in the way it parses PNG images.

[-] Exploit
Proof of concept exploit code is available at

[-] Exploitation Analysis
When this vulnerability is triggered, the return address is overwritten and the ESP register points to user-controlled data. By crafting a malformed structure, it is possible to execute arbitrary code. The structure is as follows:

[Malformed PNG Header][shellcode][New return address][get back shellcode]

[-] Credits
The vulnerability was discovered and exploited by Tal Zeltzer.