trillian software vulnerabilities

Searching trillian software vulnerabilities

The AIM component of Trillian 0.73 and 0.74 all

The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C".

Multiple buffer overflows in the IRC component

Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.

The IRC component of Trillian 0.73 and 0.74 all

component | Trillian | IRC |

The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367.

Format string vulnerability in the error handli

Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name.

Buffer overflow in Trillian 0.73 allows remote

Trillian | overflow | Buffer |

Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.

Cerulean Studios Trillian 0.73 and earlier use

Trillian | Cerulean | Studios |

Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.

Buffer overflow in the IRC module of Trillian 0

Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.

Trillian 1.0 Pro and 0.74 Freeware allows remot

Trillian | Pro |

Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.

Buffer overflow in the MSN module in Trillian 0

Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character.

Integer overflow in Trillian 0.74 and earlier,

Trillian | overflow | Integer |

Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.

Stack-based buffer overflow in Trillian 0.71 th

Stack-based | overflow | Trillian | buffer |

Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.

Buffer overflow in Trillian 3.0 and Pro 3.0 all

Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.

Multiple buffer overflows in the (1) AIM, (2) M

overflows | Multiple | buffer |

Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.

Multiple buffer overflows in the Yahoo plug-in

Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.

Trillian Pro 3.1 build 121, when checking Yahoo

Trillian | build | Pro |

Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information.

Cerulean Studios Trillian 3.0 allows remote att

Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.

Heap-based buffer overflow in the Rendezvous /

Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.

Cerulean Studios Trillian Pro before 3.1.5.1 al

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.

Buffer overflow in the AOL Instant Messenger (A

Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.

The AOL Instant Messenger (AIM) protocol handle

Messenger | Instant | AOL |

The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Software vulnerabilities results 1 to 20 of 24

Page: 12 ►

trillian software vulnerabilities

vulnerabilities.aspcode.net

Searching trillian software vulnerabilities