CVE-2007-2418

Name of the Vulnerable Software and Affected Versions Cerulean Studios Trillian Pro versions prior to 3.1.5.1

Description The issue is related to a heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component, specifically in the pluginsrendezvous.dll file. This allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion during encoding.

Recommendations For versions prior to 3.1.5.1, update to version 3.1.5.1 or later to resolve the issue. As a temporary workaround, consider disabling the Rendezvous / XMPP component until a patch is applied. Restrict access to the vulnerable pluginsrendezvous.dll file to minimize the risk of exploitation.