Описание
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.
Ссылки
- Broken Link
- Broken Link
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cerulean_studios:trillian:3.1:*:*:*:basic:*:*:*
cpe:2.3:a:cerulean_studios:trillian:3.1:*:*:*:pro:*:*:*
EPSS
Процентиль: 80%
0.01447
Низкий
5.9 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.9
github
почти 4 года назад
Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.
EPSS
Процентиль: 80%
0.01447
Низкий
5.9 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-200