Matt Hargett

**Name of the Vulnerable Software and Affected Versions** Trillian version 2.0 **Description** The issue is related to multiple buffer overflows in various plug-ins, including AIM, MSN, and RSS, which can be triggered by remote web servers. This occurs when a long string is sent in an HTTP 1.1 response header, potentially causing a denial of service in the form of an application crash. **Recommendations** For Trillian version 2.0, consider disabling the affected plug-ins, such as AIM, MSN, and RSS, until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Trillian versions 2.0 through 3.1 **Description** The issue is related to multiple buffer overflows in the Yahoo plug-in, which can be triggered by remote web servers sending a long string in an HTTP 1.1 response header, leading to a denial of service (application crash). **Recommendations** For Trillian versions 2.0 through 3.1, consider disabling the Yahoo plug-in until a patch is available to prevent potential exploitation.