返回 CVE 浏览器

CVE-2007-3832

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.1490%

EPSS Percentile34.48th

Published2007年7月17日

Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.

Affected Platforms (CPE)

📦

Cerulean Studios

Trillian

= 3.1.6.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0356.html

🔗 http://secunia.com/advisories/26086

🔗 http://www.kb.cert.org/vuls/id/786920

🔗 http://www.securityfocus.com/bid/24927

🔗 http://www.vupen.com/english/advisories/2007/2546

🔗 http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/35447

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0356.html

相关漏洞威胁

CVE-2007-241810.0

Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll...

CVE-2008-540310.0

Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbi...

CVE-2002-239010.0

Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a ...

CVE-2008-540110.0

Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arb...