CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-5401

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1130%
EPSS Percentile25.21th
Published2008年12月10日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."

Affected Platforms (CPE)

📦
Cerulean Studios

Trillian

<= 3.1.11.0
📦
Cerulean Studios

Trillian

= 0.50
📦
Cerulean Studios

Trillian

= 0.52
📦
Cerulean Studios

Trillian

= 0.60
📦
Cerulean Studios

Trillian

= 0.61
📦
Cerulean Studios

Trillian

= 0.62
📦
Cerulean Studios

Trillian

= 0.63
📦
Cerulean Studios

Trillian

= 0.70
📦
Cerulean Studios

Trillian

= 0.71
📦
Cerulean Studios

Trillian

= 0.72
📦
Cerulean Studios

Trillian

= 0.73
📦
Cerulean Studios

Trillian

= 0.74
📦
Cerulean Studios

Trillian

= 0.74c
📦
Cerulean Studios

Trillian

= 0.74d
📦
Cerulean Studios

Trillian

= 0.74e
📦
Cerulean Studios

Trillian

= 0.74f
📦
Cerulean Studios

Trillian

= 0.74g
📦
Cerulean Studios

Trillian

= 0.74i
📦
Cerulean Studios

Trillian

= 0.635
📦
Cerulean Studios

Trillian

= 0.725
📦
Cerulean Studios

Trillian

= 0.6351
📦
Cerulean Studios

Trillian

= 1.0
📦
Cerulean Studios

Trillian

= 1.0
📦
Cerulean Studios

Trillian

= 2.0
📦
Cerulean Studios

Trillian

= 2.0
📦
Cerulean Studios

Trillian

= 2.1
📦
Cerulean Studios

Trillian

= 3.0
📦
Cerulean Studios

Trillian

= 3.0
📦
Cerulean Studios

Trillian

= 3.0
📦
Cerulean Studios

Trillian

= 3.1
📦
Cerulean Studios

Trillian

= 3.1
📦
Cerulean Studios

Trillian

= 3.1
📦
Cerulean Studios

Trillian

= 3.1.0.120
📦
Cerulean Studios

Trillian

= 3.1.0.121
📦
Cerulean Studios

Trillian

= 3.1.5.0
📦
Cerulean Studios

Trillian

= 3.1.5.1
📦
Cerulean Studios

Trillian

= 3.1.6.0
📦
Cerulean Studios

Trillian

= 3.1.7.0
📦
Cerulean Studios

Trillian

= 3.1.8.0
📦
Cerulean Studios

Trillian

= 3.1.9.0
📦
Cerulean Studios

Trillian

= 3.1.9.0
📦
Cerulean Studios

Trillian

= 3.1.9.0
📦
Cerulean Studios

Trillian

= 3.1.10.0
📦
Cerulean Studios

Trillian Pro

All versions
📦
Cerulean Studios

Trillian Pro

= 1.0
📦
Cerulean Studios

Trillian Pro

= 2.0
📦
Cerulean Studios

Trillian Pro

= 2.01
📦
Cerulean Studios

Trillian Pro

= 3.0
📦
Cerulean Studios

Trillian Pro

= 3.1.5.0
📦
Cerulean Studios

Trillian Pro

= 3.1_build_121
📦
Ceruleanstudios

Trillian

All versions
📦
Ceruleanstudios

Trillian

= 3.1.0.9
📦
Ceruleanstudios

Trillian

= 3.1.9.0
📦
Ceruleanstudios

Trillian Pro

All versions
📦
Ceruleanstudios

Trillian Pro

= 3.1.9.0

References & Advisories

🔗 http://blog.ceruleanstudios.com/?p=404
🔗 http://osvdb.org/50472
🔗 http://secunia.com/advisories/33001
🔗 http://securityreason.com/securityalert/4700
🔗 http://www.securityfocus.com/archive/1/498932/100/0/threaded
🔗 http://www.securityfocus.com/bid/32645
🔗 http://www.securitytracker.com/id?1021335
🔗 http://www.vupen.com/english/advisories/2008/3348

相关漏洞威胁

CVE-2007-241810.0

Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll...

CVE-2008-540310.0

Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbi...

CVE-2002-239010.0

Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a ...

CVE-2008-540210.0

Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a cr...