Trillian < 3.1.10.0 Multiple Vulnerabilities

high Nessus Plugin ID 32400

Synopsis

The remote host contains an instant messaging application that is affected by several vulnerabilities.

Description

The version of Trillian installed on the remote host reportedly contains several vulnerabilities:

- A stack-based buffer overflow in 'aim.dll' triggered when parsing messages with overly long attribute values within the 'FONT' tag.

- A memory corruption issue within XML parsing in 'talk.dll' triggered when processing malformed attributes within an 'IMG' tag.

- A stack-based buffer overflow in the header-parsing code for the MSN protocol when processing the 'X-MMS-IM-FORMAT' header.

Successful exploitation of any of these issues can result in code execution with the privileges of the current user.

Solution

Upgrade to Trillian 3.1.10.0 or later, which is reported to resolve these issues.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-08-029/

https://www.zerodayinitiative.com/advisories/ZDI-08-030/

https://www.zerodayinitiative.com/advisories/ZDI-08-031/

https://seclists.org/fulldisclosure/2008/May/552

https://seclists.org/fulldisclosure/2008/May/553

https://seclists.org/fulldisclosure/2008/May/554

Plugin Details

Severity: High

ID: 32400

File Name: trillian_3_1_10_0.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 5/22/2008

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:trillian:trillian

Required KB Items: SMB/Trillian/Version

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-2407, CVE-2008-2408, CVE-2008-2409

BID: 29330

CWE: 119

Secunia: 30336