Trillian IRC User Mode Numeric Remote Buffer Overflow Vulnerability

Trillian is an instant messaging client that supports a number of protocols (including IRC, ICQ, MSN). It is available for Microsoft Windows systems.

It has been reported that Trillian does not perform adequate bounds checking when receiving IRC raw user mode messages. When a Trillian client receives an instruction from a server for a raw user mode change containing 251 or more bytes of data, a buffer overflow occurs. This could result in denial of service, or the execution of arbitrary attacker supplied instructions.


 

Privacy Statement
Copyright 2010, SecurityFocus