Back to search
CVE-2008-2408
Published: May 23, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-1622
vdb-entry
x_refsource_VUPEN
20080521 ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
mailing-list
x_refsource_BUGTRAQ
29330
vdb-entry
x_refsource_BID
30336
third-party-advisory
x_refsource_SECUNIA
1020105
vdb-entry
x_refsource_SECTRACK
http://www.zerodayinitiative.com/advisories/ZDI-08-030/
x_refsource_MISC
trillian-talk-bo(42581)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now