Unrated severityNVD Advisory· Published Dec 10, 2008· Updated Apr 23, 2026
CVE-2008-5401
CVE-2008-5401
Description
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
Affected products
55cpe:2.3:a:cerulean_studios:trillian:*:*:*:*:*:*:*:*+ 45 more
- cpe:2.3:a:cerulean_studios:trillian:*:*:*:*:*:*:*:*range: <=3.1.11.0
- cpe:2.3:a:ceruleanstudios:trillian:*:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.50:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.52:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.60:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.61:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.62:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.63:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.635:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.6351:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.70:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.71:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.72:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.725:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.73:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74c:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74d:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74e:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74f:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74g:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:0.74i:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:1.0:*:pro:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:2.0:*:pro:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.0:*:basic:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.0:*:pro:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.0.120:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.0.121:*:*:*:*:*:*:*
- cpe:2.3:a:ceruleanstudios:trillian:3.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceruleanstudios:trillian:3.1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:basic:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:pro:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1:*:basic:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian:3.1:*:pro:*:*:*:*:*
cpe:2.3:a:cerulean_studios:trillian_pro:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:cerulean_studios:trillian_pro:*:*:*:*:*:*:*:*
- cpe:2.3:a:ceruleanstudios:trillian_pro:*:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:3.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceruleanstudios:trillian_pro:3.1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:cerulean_studios:trillian_pro:3.1_build_121:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- secunia.com/advisories/33001nvdVendor Advisory
- blog.ceruleanstudios.comnvd
- osvdb.org/50472nvd
- securityreason.com/securityalert/4700nvd
- www.securityfocus.com/archive/1/498932/100/0/threadednvd
- www.securityfocus.com/bid/32645nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/3348nvd
- www.zerodayinitiative.com/advisories/ZDI-08-077nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/47093nvd
News mentions
0No linked articles in our index yet.