
Trillian IRC User Mode Numeric Remote Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the Trillian IRC client. Trillian versions 0.73, 0.74, and possibly other versions are vulnerable to a buffer overflow, caused by improper validation of Internet Relay Chat (IRC) raw 221 user mode requests. By sending a raw 221 request with a mode of more than 251 bytes, a remote attacker in control of a malicious IRC server could overflow a buffer and cause the victim's Trillian client to crash or execute code on the system.

Solution

Upgrade or patch according to vendor recommendations.
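
Until affected clients are upgraded, the condition described above can be checked for in captured or proxied server-to-client IRC traffic. The following is an added example, not part of the original advisory or any vendor tool: it parses IRC lines and flags numeric 221 replies whose mode string is longer than 251 bytes. The function names, the sample lines, and the choice to count the leading "+" toward the length are assumptions.

```python
# Added example: flag IRC numeric 221 lines whose mode string exceeds the
# 251-byte figure given in the advisory. Sample traffic below is constructed.
from typing import List, NamedTuple, Optional

MODE_LIMIT = 251  # bytes, from the advisory; counting the leading "+" is an assumption


class Finding(NamedTuple):
    line_no: int
    server: str
    mode_len: int


def parse_irc(raw: bytes):
    """Split one IRC line into (prefix, command, params); None if empty."""
    line = raw.rstrip(b"\r\n")
    prefix = b""
    if line.startswith(b":"):
        prefix, _, line = line[1:].partition(b" ")
    head, sep, trailing = line.partition(b" :")
    parts = head.split()
    if sep:
        parts.append(trailing)
    return (prefix, parts[0], parts[1:]) if parts else None


def check_umode(raw: bytes, line_no: int) -> Optional[Finding]:
    """Return a Finding when a 221 line carries an oversized mode string."""
    parsed = parse_irc(raw)
    if parsed is None or parsed[1] != b"221" or len(parsed[2]) < 2:
        return None
    prefix, _, params = parsed
    mode = b" ".join(params[1:])  # params[0] is the target nickname
    if len(mode) <= MODE_LIMIT:
        return None
    return Finding(line_no, prefix.decode("ascii", "replace"), len(mode))


def scan(lines: List[bytes]) -> List[Finding]:
    hits = (check_umode(raw, n) for n, raw in enumerate(lines, start=1))
    return [h for h in hits if h is not None]


SAMPLE = [  # constructed server-to-client lines
    b":irc.example.net 001 alice :Welcome\r\n",
    b":irc.example.net 221 alice +iw\r\n",
    b":irc.example.net 221 alice +" + b"i" * 251 + b"\r\n",  # 252 bytes
    b":irc.example.net 221 alice +" + b"i" * 250 + b"\r\n",  # 251 bytes
]

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"line {f.line_no}: 221 from {f.server}, mode {f.mode_len} bytes")
```
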