[SecurityRatty] tag: trillian

Tillian IM, Facebook and Apple iCal flaws

Sun, 25 May 2008 20:00:00 +0000

Users of the Trillian IM client, Apple's iCal and Facebook are all at risk after flaws in each were discoverd. Fortunately, for Trillian users an update is available. But Facebook and iCal users are still waiting for fixes. Facebook users could have their accounts compromised through a password capture script. iCal is vulnerable to a critical flaw that was disclosed by Core Security after Apple dragged its feet over a patch.

Trillian Hit With Security Bug

Fri, 23 May 2008 09:23:30 +0000

From the Register:

The discovery of a trio of security bugs means that users of the popular Trillian instant messaging client need to update their software.

All three of the newly discovered bugs create a means for hackers to inject malware onto the PCs of surfers running vulnerable versions of the multi-protocol chat application from Cerulean Studios. The vulnerabilities involve flaws in how Trillian parses MSN protocol traffic, an error within XML parsing, and a third flaw involving the processing of messages with long (malformed) attribute values within the FONT tag can be exploited.

Read on.

Article Link

Trillian IM client at risk from attacks

Thu, 22 May 2008 09:00:00 +0000

Security researchers are warning users of the popular Trillian instant messaging client that the app contains three critical vulnerabilities that could be used to hijack their Windows PCs.

Trillian IM client at risk from attacks

Wed, 21 May 2008 20:00:00 +0000

Security researchers Thursday warned users of the popular Trillian instant messaging client that the software harbors three critical vulnerabilities that could be used to hijack their Windows PCs.