diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Jun192007

Text Bug Hits Trillian

Users of the popular Trillian instant messaging client need to update their software following the discovery of a serious security bug.

The multi-protocol chat application from Cerulean Studios is subject to a heap overflow vulnerability because of programming errors involving the word-wrapping of UTF-8 text.
 

As a result, hackers might be able to crash versions of the application, thereby loading exploit code onto vulnerable systems. Viewing a malicious message containing a specially malformed UTF-8 string would be enough to trigger the attack.

“The MSN protocol is a known attack vector for this vulnerability. However, exploitation could potentially occur using any supported protocol,” an advisory by iDefense warns.

Users are advised to update to a patched version of Trillian – version 3.1.6.0 – in order to guard against attack, as explained in an posting on Cerulean Studios’ Trillian blog. ®

Source:→ The Register

Trillian, Instant Messaging, Vulnerabilitiy, Bug, Text Bug, News

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!