‘Highly Critical’ Flaws Impair Trillian IM
Security researchers on May 22, 2008 alerted all people using the famous Trillian Instant Messaging (IM) client about three critical security holes in the software that could allow hijacking their Windows computers.
The first bug relating to a boundary fault in the header when parsing script for the MSN properties can be abused to lead to a buffer overflow using a specially designed X-MMS-IM-FORMAT header with a lengthy attribute. If the exploitation is successful, it allows running an arbitrary code.
The second bug relating to a fault in the XML parsing in talk.dll can be abused to lead to corruption of memory via certain deformed attributes in the 'IMG' tag. Here too, if the exploitation is successful, it allows running an arbitrary code.
The last bug called the aim.
» SPAMfighter News - 02-06-2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!