Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2004-2370

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2004-2370
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.

Affected Software

Name Vendor Start Version End Version
Trillian_pro Cerulean_studios 2.0 2.0
Trillian Cerulean_studios 0.71 0.71
Trillian_pro Cerulean_studios 2.01 2.01
Trillian Cerulean_studios 0.74b 0.74b
Trillian Cerulean_studios 0.74g 0.74g
Trillian_pro Cerulean_studios 1.0 1.0
Trillian Cerulean_studios 0.74e 0.74e
Trillian Cerulean_studios 0.73 0.73
Trillian Cerulean_studios 0.725 0.725
Trillian Cerulean_studios 0.74c 0.74c
Trillian Cerulean_studios 0.74f 0.74f
Trillian Cerulean_studios 0.74 0.74
Trillian Cerulean_studios 0.74d 0.74d

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2023 Aqua Security Software Ltd.   Privacy Policy | Terms of Use