‘Highly Critical’ Flaws Impair Trillian IM

Security researchers on May 22, 2008 alerted all people using the famous Trillian Instant Messaging (IM) client about three critical security holes in the software that could allow hijacking their Windows computers.

The first bug relating to a boundary fault in the header when parsing script for the MSN properties can be abused to lead to a buffer overflow using a specially designed X-MMS-IM-FORMAT header with a lengthy attribute. If the exploitation is successful, it allows running an arbitrary code.

The second bug relating to a fault in the XML parsing in talk.dll can be abused to lead to corruption of memory via certain deformed attributes in the 'IMG' tag. Here too, if the exploitation is successful, it allows running an arbitrary code.

The last bug called the aim.

» SPAMfighter News - 02-06-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next