[26880] in bugtraq
Trillian XML parser buffer overflow
daemon@ATHENA.MIT.EDU (John C. Hennessy)
Sat Aug 31 14:19:58 2002
Message-ID: <001f01c250e1$ad7b2e30$c6798fd1@kibble>
From: "John C. Hennessy" <johnh@charm.net>
To: <bugtraq@securityfocus.com>
Date: Sat, 31 Aug 2002 04:29:32 -0700
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_001C_01C250A7.00DA9240"
------=_NextPart_000_001C_01C250A7.00DA9240
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
See attached file.
------=_NextPart_000_001C_01C250A7.00DA9240
Content-Type: text/plain;
name="trillian2.txt"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="trillian2.txt"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Problem:
It is possible to create a skin for trillian that will trigger a buffer =
overflow.
In trillian.xml under the <prefs> section.
[control name=3D"colors" type=3D"colors"]
[colors file=3D"(4096 characters)"]
Still no word from Cerulean Studios on when a fix will be available. =
They were alerted to this=20
problem on july 28th.
John C. Hennessy
Information security analyst
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBPXCoUzfHYhhTZOYaEQKcNgCaAoKdMpf6ZGW10zDIT2G23qGPUiYAn10w
TNFv8B0VbJD/M8HVliA5B64V
=3DbYD6
-----END PGP SIGNATURE-----
------=_NextPart_000_001C_01C250A7.00DA9240--
