10

CVE-2008-5401

Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cerulean StudiosTrillian Version <= 3.1.11.0
Cerulean StudiosTrillian Version0.50
Cerulean StudiosTrillian Version0.52
Cerulean StudiosTrillian Version0.60
Cerulean StudiosTrillian Version0.61
Cerulean StudiosTrillian Version0.62
Cerulean StudiosTrillian Version0.63
Cerulean StudiosTrillian Version0.70
Cerulean StudiosTrillian Version0.71
Cerulean StudiosTrillian Version0.72
Cerulean StudiosTrillian Version0.73
Cerulean StudiosTrillian Version0.74
Cerulean StudiosTrillian Version0.74c
Cerulean StudiosTrillian Version0.74d
Cerulean StudiosTrillian Version0.74e
Cerulean StudiosTrillian Version0.74f
Cerulean StudiosTrillian Version0.74g
Cerulean StudiosTrillian Version0.74i
Cerulean StudiosTrillian Version0.635
Cerulean StudiosTrillian Version0.725
Cerulean StudiosTrillian Version0.6351
Cerulean StudiosTrillian Version1.0
Cerulean StudiosTrillian Version1.0 Editionpro
Cerulean StudiosTrillian Version2.0
Cerulean StudiosTrillian Version2.0 Editionpro
Cerulean StudiosTrillian Version2.1
Cerulean StudiosTrillian Version3.0
Cerulean StudiosTrillian Version3.0 Editionbasic
Cerulean StudiosTrillian Version3.0 Editionpro
Cerulean StudiosTrillian Version3.1
Cerulean StudiosTrillian Version3.1 Editionbasic
Cerulean StudiosTrillian Version3.1 Editionpro
Cerulean StudiosTrillian Version3.1.0.120
Cerulean StudiosTrillian Version3.1.0.121
Cerulean StudiosTrillian Version3.1.5.0
Cerulean StudiosTrillian Version3.1.5.1
Cerulean StudiosTrillian Version3.1.6.0
Cerulean StudiosTrillian Version3.1.7.0
Cerulean StudiosTrillian Version3.1.8.0
Cerulean StudiosTrillian Version3.1.9.0
Cerulean StudiosTrillian Version3.1.9.0 Editionbasic
Cerulean StudiosTrillian Version3.1.9.0 Editionpro
Cerulean StudiosTrillian Version3.1.10.0
Cerulean StudiosTrillian Pro Version2.01
Cerulean StudiosTrillian Pro Version3.1.5.0
Cerulean StudiosTrillian Pro Version3.1_build_121
CeruleanstudiosTrillian Version3.1.0.9
CeruleanstudiosTrillian Version3.1.9.0
CeruleanstudiosTrillian Pro Version3.1.9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.93% 0.94
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://blog.ceruleanstudios.com/?p=404
http://osvdb.org/50472
http://secunia.com/advisories/33001
Vendor Advisory
http://securityreason.com/securityalert/4700
http://www.securityfocus.com/archive/1/498932/100/0/threaded
http://www.securityfocus.com/bid/32645
http://www.securitytracker.com/id?1021335
http://www.vupen.com/english/advisories/2008/3348
http://www.zerodayinitiative.com/advisories/ZDI-08-077
https://exchange.xforce.ibmcloud.com/vulnerabilities/47093