Описание
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.
Ссылки
- Patch
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- Patch
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Patch
Уязвимые конфигурации
EPSS
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.
EPSS
9.3 Critical
CVSS2