Cerulean Studios Trillian Pro — known CVE vulnerabilities
Every CVE whose affected-product data names Cerulean Studios Trillian Pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2008-5403 — CVSS 10.0 (critical): Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary…
CVE-2007-2418 — CVSS 10.0 (critical): Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for…
CVE-2008-5401 — CVSS 10.0 (critical): Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary…
CVE-2008-5402 — CVSS 10.0 (critical): Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML…
CVE-2002-2390 — CVSS 10.0 (critical): Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of…
CVE-2007-2478 — CVSS 9.3 (critical): Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt…
CVE-2004-2304 — CVSS 7.5 (high): Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and…
CVE-2004-2370 — CVSS 7.5 (high): Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary…
CVE-2005-0633 — CVSS 7.5 (high): Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
CVE-2005-2444 — CVSS 2.1 (low): Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the…