CVE-2008-5401

Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
cerulean_studiostrillian
𝑥
≤ 3.1.11.0
cerulean_studiostrillian
0.50
cerulean_studiostrillian
0.52
cerulean_studiostrillian
0.60
cerulean_studiostrillian
0.61
cerulean_studiostrillian
0.62
cerulean_studiostrillian
0.63
cerulean_studiostrillian
0.70
cerulean_studiostrillian
0.71
cerulean_studiostrillian
0.72
cerulean_studiostrillian
0.73
cerulean_studiostrillian
0.74
cerulean_studiostrillian
0.74c:c
cerulean_studiostrillian
0.74d:d
cerulean_studiostrillian
0.74e:e
cerulean_studiostrillian
0.74f:f
cerulean_studiostrillian
0.74g:g
cerulean_studiostrillian
0.74i:i
cerulean_studiostrillian
0.635
cerulean_studiostrillian
0.725
cerulean_studiostrillian
0.6351
cerulean_studiostrillian
1.0
cerulean_studiostrillian
1.0
cerulean_studiostrillian
2.0
cerulean_studiostrillian
2.0
cerulean_studiostrillian
2.1
cerulean_studiostrillian
3.0
cerulean_studiostrillian
3.0
cerulean_studiostrillian
3.0
cerulean_studiostrillian
3.1
cerulean_studiostrillian
3.1
cerulean_studiostrillian
3.1
cerulean_studiostrillian
3.1.0.120
cerulean_studiostrillian
3.1.0.121
cerulean_studiostrillian
3.1.5.0
cerulean_studiostrillian
3.1.5.1
cerulean_studiostrillian
3.1.6.0
cerulean_studiostrillian
3.1.7.0
cerulean_studiostrillian
3.1.8.0
cerulean_studiostrillian
3.1.9.0
cerulean_studiostrillian
3.1.9.0
cerulean_studiostrillian
3.1.9.0
cerulean_studiostrillian
3.1.10.0
cerulean_studiostrillian_pro
*
cerulean_studiostrillian_pro
1.0
cerulean_studiostrillian_pro
2.0
cerulean_studiostrillian_pro
2.01
cerulean_studiostrillian_pro
3.0
cerulean_studiostrillian_pro
3.1.5.0
cerulean_studiostrillian_pro
3.1_build_121:_build_121
ceruleanstudiostrillian
*
ceruleanstudiostrillian
3.1.0.9
ceruleanstudiostrillian
3.1.9.0
ceruleanstudiostrillian_pro
*
ceruleanstudiostrillian_pro
3.1.9.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blog.ceruleanstudios.com/?p=404
http://osvdb.org/50472
http://secunia.com/advisories/33001
http://securityreason.com/securityalert/4700
http://www.securityfocus.com/archive/1/498932/100/0/threaded
http://www.securityfocus.com/bid/32645
http://www.securitytracker.com/id?1021335
http://www.vupen.com/english/advisories/2008/3348
http://www.zerodayinitiative.com/advisories/ZDI-08-077
https://exchange.xforce.ibmcloud.com/vulnerabilities/47093
http://blog.ceruleanstudios.com/?p=404
http://osvdb.org/50472
http://secunia.com/advisories/33001
http://securityreason.com/securityalert/4700
http://www.securityfocus.com/archive/1/498932/100/0/threaded
http://www.securityfocus.com/bid/32645
http://www.securitytracker.com/id?1021335
http://www.vupen.com/english/advisories/2008/3348
http://www.zerodayinitiative.com/advisories/ZDI-08-077
https://exchange.xforce.ibmcloud.com/vulnerabilities/47093