ByteOS Network

NVD Vulnerability Details :

CVE-2008-5403

Modified

Source-cve@mitre.org

Published At-10 Dec, 2008 | 06:44

Updated At-11 Oct, 2018 | 20:55

Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

cerulean_studios>>trillian>>0.50

cpe:2.3:a:cerulean_studios:trillian:0.50:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.52

cpe:2.3:a:cerulean_studios:trillian:0.52:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.60

cpe:2.3:a:cerulean_studios:trillian:0.60:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.61

cpe:2.3:a:cerulean_studios:trillian:0.61:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.62

cpe:2.3:a:cerulean_studios:trillian:0.62:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.63

cpe:2.3:a:cerulean_studios:trillian:0.63:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.70

cpe:2.3:a:cerulean_studios:trillian:0.70:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.71

cpe:2.3:a:cerulean_studios:trillian:0.71:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.72

cpe:2.3:a:cerulean_studios:trillian:0.72:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.73

cpe:2.3:a:cerulean_studios:trillian:0.73:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74

cpe:2.3:a:cerulean_studios:trillian:0.74:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74c

cpe:2.3:a:cerulean_studios:trillian:0.74c:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74d

cpe:2.3:a:cerulean_studios:trillian:0.74d:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74e

cpe:2.3:a:cerulean_studios:trillian:0.74e:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74f

cpe:2.3:a:cerulean_studios:trillian:0.74f:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74g

cpe:2.3:a:cerulean_studios:trillian:0.74g:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.74i

cpe:2.3:a:cerulean_studios:trillian:0.74i:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.635

cpe:2.3:a:cerulean_studios:trillian:0.635:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.725

cpe:2.3:a:cerulean_studios:trillian:0.725:*:*:*:*:*:*:*

cerulean_studios>>trillian>>0.6351

cpe:2.3:a:cerulean_studios:trillian:0.6351:*:*:*:*:*:*:*

cerulean_studios>>trillian>>1.0

cpe:2.3:a:cerulean_studios:trillian:1.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>1.0

cpe:2.3:a:cerulean_studios:trillian:1.0:*:pro:*:*:*:*:*

cerulean_studios>>trillian>>2.0

cpe:2.3:a:cerulean_studios:trillian:2.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>2.0

cpe:2.3:a:cerulean_studios:trillian:2.0:*:pro:*:*:*:*:*

cerulean_studios>>trillian>>2.1

cpe:2.3:a:cerulean_studios:trillian:2.1:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.0

cpe:2.3:a:cerulean_studios:trillian:3.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.0

cpe:2.3:a:cerulean_studios:trillian:3.0:*:basic:*:*:*:*:*

cerulean_studios>>trillian>>3.0

cpe:2.3:a:cerulean_studios:trillian:3.0:*:pro:*:*:*:*:*

cerulean_studios>>trillian>>3.1

cpe:2.3:a:cerulean_studios:trillian:3.1:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1

cpe:2.3:a:cerulean_studios:trillian:3.1:*:basic:*:*:*:*:*

cerulean_studios>>trillian>>3.1

cpe:2.3:a:cerulean_studios:trillian:3.1:*:pro:*:*:*:*:*

cerulean_studios>>trillian>>3.1.0.120

cpe:2.3:a:cerulean_studios:trillian:3.1.0.120:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.0.121

cpe:2.3:a:cerulean_studios:trillian:3.1.0.121:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.5.0

cpe:2.3:a:cerulean_studios:trillian:3.1.5.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.5.1

cpe:2.3:a:cerulean_studios:trillian:3.1.5.1:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.6.0

cpe:2.3:a:cerulean_studios:trillian:3.1.6.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.7.0

cpe:2.3:a:cerulean_studios:trillian:3.1.7.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.8.0

cpe:2.3:a:cerulean_studios:trillian:3.1.8.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.9.0

cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.9.0

cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:basic:*:*:*:*:*

cerulean_studios>>trillian>>3.1.9.0

cpe:2.3:a:cerulean_studios:trillian:3.1.9.0:*:pro:*:*:*:*:*

cerulean_studios>>trillian>>3.1.10.0

cpe:2.3:a:cerulean_studios:trillian:3.1.10.0:*:*:*:*:*:*:*

cerulean_studios>>trillian>>3.1.11.0

cpe:2.3:a:cerulean_studios:trillian:3.1.11.0:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>*

cpe:2.3:a:cerulean_studios:trillian_pro:*:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>1.0

cpe:2.3:a:cerulean_studios:trillian_pro:1.0:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>2.0

cpe:2.3:a:cerulean_studios:trillian_pro:2.0:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>2.01

cpe:2.3:a:cerulean_studios:trillian_pro:2.01:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>3.0

cpe:2.3:a:cerulean_studios:trillian_pro:3.0:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>3.1.5.0

cpe:2.3:a:cerulean_studios:trillian_pro:3.1.5.0:*:*:*:*:*:*:*

cerulean_studios>>trillian_pro>>3.1_build_121

cpe:2.3:a:cerulean_studios:trillian_pro:3.1_build_121:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://blog.ceruleanstudios.com/?p=404	cve@mitre.org	Vendor Advisory
http://osvdb.org/50474	cve@mitre.org	N/A
http://secunia.com/advisories/33001	cve@mitre.org	Vendor Advisory
http://securityreason.com/securityalert/4702	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/498936/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/bid/32645	cve@mitre.org	N/A
http://www.securitytracker.com/id?1021336	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2008/3348	cve@mitre.org	N/A
http://www.zerodayinitiative.com/advisories/ZDI-08-079	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/47100	cve@mitre.org	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History