Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2409

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2409
Last Modified 07 Mar 2011 10:09:08
Published 23 May 2008 11:32:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2409

Summary

Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.

Vulnerable Systems

Application

  • Cerulean Studios Trillian 0.6351

  • Cerulean Studios Trillian 0.71

  • Cerulean Studios Trillian 0.725

  • Cerulean Studios Trillian 0.73

  • Cerulean Studios Trillian 0.74

  • Cerulean Studios Trillian 0.74i

  • Cerulean Studios Trillian 2.0

  • Cerulean Studios Trillian 2.1

  • Cerulean Studios Trillian 3.0

  • Cerulean Studios Trillian 3.1

  • Cerulean Studios Trillian 3.1.5.0

  • Cerulean Studios Trillian 3.1.5.1

  • Cerulean Studios Trillian 3.1.6.0

  • Cerulean Studios Trillian 3.1.7.0

  • Cerulean Studios Trillian 3.1.9.0


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-031/

BUGTRAQ - 20080521 ZDI-08-031: Trillian MSN MIME Header Stack-Based Overflow Vulnerability

XF - trillian-msn-protocol-bo(42576)

VUPEN - ADV-2008-1622

BID - 29330

SECTRACK - 1020106

SECUNIA - 30336


Last Updated: 27 May 2016 10:47:52