- Description
- Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cerulean_studios:trillian:0.73:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0376EA0-9F02-4987-A0A3-A79DE73512F7"
},
{
"criteria": "cpe:2.3:a:cerulean_studios:trillian:0.74:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03C5DC92-EE8F-43A7-8F78-58D01FA4D4A1"
},
{
"criteria": "cpe:2.3:a:cerulean_studios:trillian:0.725:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E747537-D974-48C6-8EAA-6B26F3FBDDA3"
}
],
"operator": "OR"
}
]
}
]