Info

Disclosure

Jul 29, 2005

Discovery

Jul 29, 2005

Dates

Exploit

Jul 29, 2005

Solution

Unknown

Description

Trillian contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to Yahoo Mail passwords when the Check Mail function occurs, which may lead to a loss of confidentiality.

Classification

Location: Local Access Required
Attack Type: Cryptographic, Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Cerulean Studios	Trillian Basic	3.1
Cerulean Studios	Trillian Pro	3.1

References

Secunia Advisory ID: 16289
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-07/0520.html
http://archives.neohapsis.com/archives/bugtraq/2005-08/0025.html
CVE ID: 2005-2444 (see also: NVD)

Credit

Suramya Tomar - securitysuramya.com -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Cerulean Studios

Trillian Basic

Trillian Pro

References

Credit