Summary
This host is installed with Trillian Messenger and is prone to multiple remote memory corruption vulnerabilities.
Impact
Successful exploitation lets an attacker execute arbitrary code in the context of the application and compromise a vulnerable system.
Solution
Upgrade to the latest version, 3.1.12.0:
http://www.ceruleanstudios.com/downloads
Insight
The flaws are due to:
- A boundary check error while generating XML tags for images, which can be exploited to cause a stack overflow.
- An error while processing XML code, which can be exploited to corrupt an internal data structure and clear a heap chunk multiple times.
- A boundary error while processing specially crafted XML tags, which can cause a heap overflow.
Affected
Cerulean Studios Trillian Messenger versions prior to 3.1.12.0 on Windows.
Severity
Classification
CVE: CVE-2008-5401, CVE-2008-5402, CVE-2008-5403
CVSS Base Score: 10.0
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
- Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
- A-V Tronics InetServ POP3 Denial Of Service Vulnerability
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- Cogent DataHub Unicode Buffer Overflow Vulnerability