This page lists publicly disclosed CVE vulnerabilities affecting cerulean_studios trillian_pro (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-5403 | Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag. | [email protected] | 10.0 | 20.86% | 2008-12-10 | 2026-04-23 |
| CVE-2008-5402 | Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." | [email protected] | 10.0 | 18.77% | 2008-12-10 | 2026-04-23 |
| CVE-2008-5401 | Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing." | [email protected] | 10.0 | 21.86% | 2008-12-10 | 2026-04-23 |
| CVE-2007-2478 | Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. | [email protected] | 9.3 | 16.36% | 2007-05-03 | 2026-04-23 |
| CVE-2007-2418 | Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | [email protected] | 10.0 | 16.69% | 2007-05-02 | 2026-04-23 |
| CVE-2005-2444 | Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | [email protected] | 2.1 | 0.06% | 2005-08-03 | 2026-04-16 |
| CVE-2005-0633 | Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | [email protected] | 7.5 | 9.88% | 2005-03-02 | 2026-04-16 |
| CVE-2004-2370 | Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name. | [email protected] | 7.5 | 5.42% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2304 | Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | [email protected] | 7.5 | 3.24% | 2004-12-31 | 2026-04-16 |
| CVE-2002-2390 | Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | [email protected] | 10.0 | 13.29% | 2002-12-31 | 2026-04-16 |