Trillian < 18.104.22.168 XMPP Decoding Heap Overflow
High Nessus Plugin ID 25148
Synopsis
The remote host contains an instant messaging application which is susceptible to a heap overflow vulnerability.
Description
The version of Trillian installed on the remote host contains a buffer overflow vulnerability which can be triggered when decoding a malformed XMPP (eXtensible Messaging and Presence Protocol) message.
To exploit this flaw, an attacker would need to send a specially crafted XMPP message to a user of this program, thus causing arbitrary code execution.
Solution
Upgrade to Trillian 22.214.171.124 or later.