![]() |
Text bug blights Trillian
Users of the popular Trillian instant messaging client need to update their software following the discovery of a serious security bug. The multi-protocol chat application from Cerulean Studios is subject to a heap overflow vulnerability because of programming errors involving the word-wrapping of UTF-8 text.
As a result, hackers might be able to crash versions of the application, thereby loading exploit code onto vulnerable systems. Viewing a malicious message containing a specially malformed UTF-8 string would be enough to trigger the attack. "The MSN protocol is a known attack vector for this vulnerability. However, exploitation could potentially occur using any supported protocol," an advisory by iDefense warns. ![]() ![]() Read full story... More... |
All times are GMT +1. The time now is 05:24 AM. |
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.