Signature Detail
Short Name |
CHAT:AIM:OVERFLOW:TRILLIAN-XML |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
CHAT |
Keywords |
Cerulean Studios Trillian Image Filename XML Tag Stack Buffer Overflow |
Release Date |
2010/10/20 |
Update Number |
1795 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
CHAT: Cerulean Studios Trillian Image Filename XML Tag Stack Buffer Overflow
This signature detects attempts to exploit a known stack buffer overflow vulnerability in Trillian instant messenger client application. It is due to a boundary error when processing images in the received messages. This can be exploited by remote attackers by sending a malicious message to the target AIM screen name. A successful attack can lead to arbitrary code injection and execution within the security context of the currently logged on user. The behavior of the target depends on the intention of the attacker. In an unsuccessful attack the affected product terminates abnormally.
Extended Description
Trillian is prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. Versions prior to Trillian 3.1.12.0 are affected.
Affected Products
- Cerulean Studios Trillian 3.1.0
- Cerulean Studios Trillian 3.1.10.0
- Cerulean Studios Trillian 3.1.11
- Cerulean Studios Trillian 3.1.5 0
- Cerulean Studios Trillian 3.1.5.1
- Cerulean Studios Trillian 3.1.6.0
- Cerulean Studios Trillian 3.1.7.0
- Cerulean Studios Trillian 3.1.9.0
- Cerulean Studios Trillian Pro 3.1.0
References
- BugTraq: 32645
- CVE: CVE-2008-5401