CVE-2007-3832

EPSS 15.3%
Published 17.07.2007 22:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.

Affected products Warnungen 0 Metrics 2 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Cerulean Studios ≫ Trillian Version3.1.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	15.3%	0.94

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0356.html

http://secunia.com/advisories/26086

http://www.kb.cert.org/vuls/id/786920

US Government Resource

http://www.securityfocus.com/bid/24927

http://www.vupen.com/english/advisories/2007/2546

http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/35447

https://nvd.nist.gov/vuln/detail/CVE-2007-3832

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3832

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3832

EUVD