Cerulean Studios Trillian — known CVE vulnerabilities
Every CVE whose affected-product data names Cerulean Studios Trillian, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2008-5401 — CVSS 10.0 (critical): Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary…
CVE-2002-2390 — CVSS 10.0 (critical): Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of…
CVE-2008-5403 — CVSS 10.0 (critical): Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary…
CVE-2008-5402 — CVSS 10.0 (critical): Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML…
CVE-2008-2409 — CVSS 9.3 (critical): Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified…
CVE-2007-3305 — CVSS 9.3 (critical): Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message…
CVE-2007-3832 — CVSS 9.3 (critical): Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to…
CVE-2008-2008 — CVSS 9.3 (critical): Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a…
CVE-2005-0633 — CVSS 7.5 (high): Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
CVE-2002-1486 — CVSS 7.5 (high): Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service…
CVE-2002-2155 — CVSS 7.5 (high): Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute…
CVE-2002-2156 — CVSS 7.5 (high): Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.
CVE-2002-2173 — CVSS 7.5 (high): Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat…
CVE-2004-1666 — CVSS 7.5 (high): Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a…
CVE-2004-2304 — CVSS 7.5 (high): Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and…
CVE-2004-2370 — CVSS 7.5 (high): Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary…
CVE-2002-2366 — CVSS 6.8 (medium): Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and…
CVE-2007-2479 — CVSS 5.9 (medium): Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING…
CVE-2012-5824 — CVSS 5.8 (medium): Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field…
CVE-2009-4831 — CVSS 5.8 (medium): Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN…
CVE-2005-3141 — CVSS 5.0 (medium): Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different…
CVE-2005-0875 — CVSS 5.0 (medium): Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service…
CVE-2005-0874 — CVSS 5.0 (medium): Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial…
CVE-2007-3833 — CVSS 5.0 (medium): The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary…
CVE-2003-0520 — CVSS 5.0 (medium): Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the…
CVE-2006-0543 — CVSS 5.0 (medium): Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac…
CVE-2002-1488 — CVSS 5.0 (medium): The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) via a PART message…
CVE-2002-1487 — CVSS 5.0 (medium): The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw…
CVE-2002-1485 — CVSS 5.0 (medium): The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O…
CVE-2001-1419 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant…
CVE-2002-2162 — CVSS 4.6 (medium): Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory…