Download
| Alert*
oval:org.secpod.oval:def:47385
The host is installed with Trillian before 3.1.10.0 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long attribute value in a FONT tag in a message. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:47386 The host is installed with Trillian before 3.1.10.0 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a malformed attribute in an IMG tag. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:47387 The host is installed with Trillian through 3.1.9.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted DTD file. Successful exploitation could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code. oval:org.secpod.oval:def:47388 The host is installed with Trillian 3.1.0.121 and is prone to a ssl certificate vulnerability. A flaw is present in the application, which fails to handle a spoofed SSL certificate. Successful exploitation could allow attackers to obtain MSN credentials via a man-in-the-middle attack. oval:org.mitre.oval:def:12171 Trillian x86 is installed oval:org.secpod.oval:def:7792 The host is installed with Trillian 5.1.0.19 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. Successful exploitation ... |