VDB
CVE-2008-5401
CVE-2008-5401
PUBLISHED
CVSS 10 CRITICAL
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
EPSS 21.86% · 95.9th percentile
Risk Scores
CVSS v2.0
10
EPSS Score
21.86%
95.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cerulean_studios | trillian_pro | 2.0, 3.1.5.0, 3.1_build_121 |
| ceruleanstudios | trillian_pro | 3.1.9.0 |
| ceruleanstudios | trillian | 3.1.9.0, 3.1.0.9 |
| n/a | n/a | * |
| cerulean_studios | trillian | 0.74, 0.74c, 0.74d |
Timeline
- Dec 4, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 14, 2023 EPSS Score
- May 24, 2023 EPSS Score
- Jun 9, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
References
- 32645 vdb
- trillian-xmltags-bo(47093) vdb
- 50472 vdb
- ADV-2008-3348 vdb
- 20081205 ZDI-08-077: Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability mailing-list
- 4700 third-party-advisory
- 33001 third-party-advisory
- http://www.zerodayinitiative.com/advisories/ZDI-08-077 url
- http://blog.ceruleanstudios.com/?p=404 url
- https://nvd.nist.gov/vuln/detail/CVE-2008-5401 advisory
- http://www.securitytracker.com/id?1021335 url