cbcvebase.

Ceruleanstudios Trillian vulnerabilities

5 known vulnerabilities affecting ceruleanstudios/trillian.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL5

Vulnerabilities

Page 1 of 1
CVE-2008-6563P3CRITICALCVSS 9.3PoCv3.1.9.02009-03-31
CVE-2008-6563 [CRITICAL] CWE-119 CVE-2008-6563: Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.
nvd
CVE-2008-5401P3CRITICALCVSS 10.0v3.1.0.9v3.1.9.02008-12-10
CVE-2008-5401 [CRITICAL] CWE-119 CVE-2008-5401: Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows r Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
nvd
CVE-2008-5403P3CRITICALCVSS 10.0v3.1.0.9v3.1.9.02008-12-10
CVE-2008-5403 [CRITICAL] CWE-119 CVE-2008-5403: Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows re Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
nvd
CVE-2008-5402P3CRITICALCVSS 10.0v3.1.0.9v3.1.9.02008-12-10
CVE-2008-5402 [CRITICAL] CWE-399 CVE-2008-5402: Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to e Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
nvd
CVE-2008-2407P3CRITICALCVSS 9.3≤ 3.1.9.02008-05-23
CVE-2008-2407 [CRITICAL] CWE-119 CVE-2008-2407: Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assi Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message.
nvd
Ceruleanstudios Trillian vulnerabilities | cvebase