Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5401

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5401
Last Modified 07 Mar 2011 10:14:32
Published 10 Dec 2008 01:44:41
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5401

Summary

Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."

Vulnerable Systems

Application

  • Cerulean Studios Trillian 0.50

  • Cerulean Studios Trillian 0.52

  • Cerulean Studios Trillian 0.60

  • Cerulean Studios Trillian 0.61

  • Cerulean Studios Trillian 0.62

  • Cerulean Studios Trillian 0.63

  • Cerulean Studios Trillian 0.635

  • Cerulean Studios Trillian 0.6351

  • Cerulean Studios Trillian 0.70

  • Cerulean Studios Trillian 0.71

  • Cerulean Studios Trillian 0.72

  • Cerulean Studios Trillian 0.725

  • Cerulean Studios Trillian 0.73

  • Cerulean Studios Trillian 0.74

  • Cerulean Studios Trillian 0.74c

  • Cerulean Studios Trillian 0.74d

  • Cerulean Studios Trillian 0.74e

  • Cerulean Studios Trillian 0.74f

  • Cerulean Studios Trillian 0.74g

  • Cerulean Studios Trillian 0.74i

  • Cerulean Studios Trillian 1.0

  • Cerulean Studios Trillian 2.0

  • Cerulean Studios Trillian 2.1

  • Cerulean Studios Trillian 3.0

  • Cerulean Studios Trillian 3.1

  • Cerulean Studios Trillian 3.1.0.120

  • Cerulean Studios Trillian 3.1.0.121

  • Cerulean Studios Trillian 3.1.10.0

  • Cerulean Studios Trillian 3.1.11.0

  • Cerulean Studios Trillian 3.1.5.0

  • Cerulean Studios Trillian 3.1.5.1

  • Cerulean Studios Trillian 3.1.6.0

  • Cerulean Studios Trillian 3.1.7.0

  • Cerulean Studios Trillian 3.1.8.0

  • Cerulean Studios Trillian 3.1.9.0

  • Cerulean Studios Trillian Pro

  • Cerulean Studios Trillian Pro 1.0

  • Cerulean Studios Trillian Pro 2.0

  • Cerulean Studios Trillian Pro 2.01

  • Cerulean Studios Trillian Pro 3.0

  • Cerulean Studios Trillian Pro 3.1 Build 121

  • Cerulean Studios Trillian Pro 3.1.5.0

  • Ceruleanstudios Trillian

  • Ceruleanstudios Trillian 3.1.0.9

  • Ceruleanstudios Trillian 3.1.9.0

  • Ceruleanstudios Trillian Pro

  • Ceruleanstudios Trillian Pro 3.1.9.0


References

XF - trillian-xmltags-bo(47093)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-077

VUPEN - ADV-2008-3348

SECTRACK - 1021335

BID - 32645

BUGTRAQ - 20081205 ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability

SREASON - 4700

SECUNIA - 33001

OSVDB - 50472

MISC - http://blog.ceruleanstudios.com/?p=404


Last Updated: 27 May 2016 10:48:48