<< Report Bot Infections To The FBI | Home | How Can I Plan An Online Chat or Meeting? >>





June 19, 2007

More Trillian Vulnerabilities

Cerulean Studios Trillian 3.1.5.1 and pervious versions of Trillian are vulnerable to a serious vulnerability.

Remote exploitation of a heap overflow vulnerability in Cerulean Studios Trillian Instant Messenger could allow attackers to execute arbitrary code as the currently logged on user.

The vulnerability specifically exists due to improper handling of UTF-8 sequences. When word-wrapping UTF-8 text, the window width is improperly used as a buffer size value. As such, heap corruption can occur leading to a potentially exploitable condition.

Trillian 3.1.6.0 has been released to close this vulnerability.

[Cerulean Studios Trillian UTF-8 Word Wrap Heap Overflow Vulnerability]

Posted in IRC News by #!/usr/bin/geek at 2007-06-19 15:37 ET (GMT-5)

Tags:


Comments


Post a comment

(Required)


(Valid Email Required)

Store my name and email in a cookie so I don't have to enter it again:


Comments are subject to the WyldRyde IRC Network Comment Policy

Links, URLs, and Web Addresses are prohibited!




Use of this form signifies your agreement to the WyldRyde IRC Network Comment Policy!


<< Report Bot Infections To The FBI | Home | How Can I Plan An Online Chat or Meeting? >>





Copyright (C) 1994 - 2008 - WyldRyde IRC Network - All rights reserved.
Advertise on WyldRyde | Link to WyldRyde | Network Terms of Service (Rules) | Donate to WyldRyde
Use of this web site signifies your agreement to the Conditions of Use | Copyright Notices | Privacy Policy

WyldRyde, WyldRyde IRC Network, WyldRyde Corp, WyldRyde Corporation, WyldRyde.org, WyldRyde.net, and WyldRyde Chat Script are trademarks of WyldRyde Corporation. All other trademarks and tradenames are property of their respective owners.