CVE-2008-2407 — Vulnetix

CVE-2008-2407 PUBLISHED CVSS 9.300000190734863 CRITICAL

Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message.

EPSS 8.95% · 92.7th percentile

Risk Scores

CVSS v2.0

9.300000190734863

EPSS Score

8.95%

92.7th percentile

Affected Products

Vendor	Product	Versions
ceruleanstudios	trillian	0
n/a	n/a	n/a

Timeline

May 21, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 17, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 24, 2023 EPSS Score
Jul 15, 2023 EPSS Score
Sep 6, 2023 EPSS Score

References

1020104 vdb
trillian-aimdll-bo(42582) vdb
ADV-2008-1622 vdb
29330 vdb
30336 third-party-advisory
20080521 ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability mailing-list
http://www.zerodayinitiative.com/advisories/ZDI-08-029/ url
https://nvd.nist.gov/vuln/detail/CVE-2008-2407 advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-029 url

Open in Interactive Console →