Trillian
by Trillian
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0633 | 0.03 | — | 0.05 | Mar 2, 2005 | Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | |||
| CVE-2005-0874 | 0.00 | — | 0.02 | May 2, 2005 | Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | |||
| CVE-2004-2370 | 0.00 | — | 0.04 | Dec 31, 2004 | Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | |||
| CVE-2003-0520 | 0.00 | — | 0.01 | Aug 18, 2003 | Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | |||
| CVE-2002-2390 | 0.00 | — | 0.06 | Dec 31, 2002 | Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||
| CVE-2002-2173 | 0.00 | — | 0.03 | Dec 31, 2002 | Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message. | |||
| CVE-2002-2366 | 0.00 | — | 0.02 | Dec 31, 2002 | Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. | |||
| CVE-2002-2155 | 0.00 | — | 0.02 | Dec 31, 2002 | Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name. |
- CVE-2005-0633Mar 2, 2005risk 0.03cvss —epss 0.05
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
- CVE-2005-0874May 2, 2005risk 0.00cvss —epss 0.02
Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
- CVE-2004-2370Dec 31, 2004risk 0.00cvss —epss 0.04
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
- CVE-2003-0520Aug 18, 2003risk 0.00cvss —epss 0.01
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
- CVE-2002-2390Dec 31, 2002risk 0.00cvss —epss 0.06
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
- CVE-2002-2173Dec 31, 2002risk 0.00cvss —epss 0.03
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.
- CVE-2002-2366Dec 31, 2002risk 0.00cvss —epss 0.02
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml.
- CVE-2002-2155Dec 31, 2002risk 0.00cvss —epss 0.02
Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name.