CVE-2007-2478

Name of the Vulnerable Software and Affected Versions Cerulean Studios Trillian Pro versions prior to 3.1.5.1

Description The issue is related to multiple heap-based buffer overflows in the IRC component. These overflows can be triggered by a URL with a long UTF-8 string when a user highlights it, or by a font HTML tag with a face attribute containing a long UTF-8 string. This could allow remote attackers to corrupt memory and possibly execute arbitrary code.

Recommendations For versions prior to 3.1.5.1, update to version 3.1.5.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of long UTF-8 strings in URLs and font HTML tags until the update is applied.