CVE-2002-2366

Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cerulean_studios:trillian:0.73:*:*:*:*:*:*:*
cpe:2.3:a:cerulean_studios:trillian:0.725:*:*:*:*:*:*:*
cpe:2.3:a:cerulean_studios:trillian:0.6351:*:*:*:*:*:*:*

History

20 Nov 2024, 23:43

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-08/0334.html - () http://archives.neohapsis.com/archives/bugtraq/2002-08/0334.html -
References () http://www.iss.net/security_center/static/9999.php - () http://www.iss.net/security_center/static/9999.php -
References () http://www.securityfocus.com/bid/5601 - () http://www.securityfocus.com/bid/5601 -

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:43


NVD link : CVE-2002-2366

Mitre link : CVE-2002-2366

CVE.ORG link : CVE-2002-2366


JSON object : View

Products Affected

cerulean_studios

  • trillian
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer