Trillian DirectIM Packet Remote Overflow
High Nessus Plugin ID 12076
SynopsisThe remote Windows host contains an instant messaging client that is vulnerable to a buffer overflow attack.
DescriptionAn integer buffer overflow exists in the AOL Instant Messenger (AIM) component of the version of Trillian instant messaging client installed on the remote host. By sending a DirectIM packet with a size above 8k bytes, a remote attacker can potentially execute code on the affected host subject to the user's privileges.
SolutionUpgrade to Trillian 0.74 patch G or higher.