Description
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
Affected products
- cerulean_studios / trillian0.71 – 0.71
- cerulean_studios / trillian0.73 – 0.73
- cerulean_studios / trillian0.74 – 0.74
- cerulean_studios / trillian0.74b – 0.74b
- cerulean_studios / trillian0.74c – 0.74c
- cerulean_studios / trillian0.74d – 0.74d
- cerulean_studios / trillian0.74e – 0.74e
- cerulean_studios / trillian0.74f – 0.74f
- cerulean_studios / trillian0.74g – 0.74g
- cerulean_studios / trillian0.725 – 0.725
- cerulean_studios / trillian_pro1.0 – 1.0
- cerulean_studios / trillian_pro2.0 – 2.0
- cerulean_studios / trillian_pro2.01 – 2.01
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/10973/
- VENDOR_ADVISORYhttp://security.e-matters.de/advisories/022004.html
- MISChttp://www.osvdb.org/4060
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15304
- MAILING_LISThttp://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017766.html
- MISChttp://securitytracker.com/id?1009220