When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Text bug blights Trillian

Users of the popular Trillian instant messaging client need to update their software following the discovery of a serious security bug. The multi-protocol chat application from Cerulean Studios is subject to a heap overflow vulnerability because of programming errors involving the word-wrapping of UTF-8 text.

As a result, hackers might be able to crash versions of the application, thereby loading exploit code onto vulnerable systems. Viewing a malicious message containing a specially malformed UTF-8 string would be enough to trigger the attack. "The MSN protocol is a known attack vector for this vulnerability. However, exploitation could potentially occur using any supported protocol," an advisory by iDefense warns.

View: The full story
News source: The Reg

Report a problem with article
Next Article

'Italian job' attacks spread worldwide

Previous Article

Spybot - Search and Destroy 1.5 Beta [6/19/2007]

Join the conversation!

Login or Sign Up to read and post a comment.

3 Comments - Add comment