CVE-2008-6563

Description

Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.

Affected products

• ceruleanstudios / trillian3.1.9.0 – 3.1.9.0
• ceruleanstudios / trillian3.1.9.0 – 3.1.9.0
• ceruleanstudios / trillian3.1.9.0 – 3.1.9.0

References

• MISChttp://www.securityfocus.com/bid/28747
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/41782
• MISChttp://osvdb.org/51130
• MISChttp://www.securityfocus.com/archive/1/490772/100/0/threaded