CHAT: Cerulean Studios Trillian Image Filename XML Tag Stack Buffer Overflow
This signature detects attempts to exploit a known stack buffer overflow vulnerability in Trillian instant messenger client application. It is due to a boundary error when processing images in the received messages. This can be exploited by remote attackers by sending a malicious message to the target AIM screen name. A successful attack can lead to arbitrary code injection and execution within the security context of the currently logged on user. The behavior of the target depends on the intention of the attacker. In an unsuccessful attack the affected product terminates abnormally.
Extended Description
Trillian is prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. Versions prior to Trillian 3.1.12.0 are affected.
Affected Products
Cerulean_studios trillian
Short Name
CHAT:AIM:OVERFLOW:TRILLIAN-XML
Severity
Major
Recommended
False
Recommended Action
Drop
Category
CHAT
Keywords
Buffer CVE-2008-5401 Cerulean Filename Image Overflow Stack Studios Tag Trillian XML bid:32645
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Cerulean_studios
CVSS Score
10.0