CVE-2007-2478 Information

Description

Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string which triggers the overflow when the user highlights it or (2) a font HTML tag with a face attribute containing a long UTF-8 string.

Reference

http://blog.ceruleanstudios.com/?p=131
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=522
http://osvdb.org/35721
http://secunia.com/advisories/25086
http://www.securityfocus.com/bid/23730
http://www.securitytracker.com/id?1017982
http://www.vupen.com/english/advisories/2007/1596
https://exchange.xforce.ibmcloud.com/vulnerabilities/33985 trillian-urlhighlight-bo(33985)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33986
