Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trillian aim:// URI处理器 批量文件写入漏洞
Vulnerability Description
Trillian是一个聊天程序,和多种即时通讯程序使用相同的接口,包括AIM、ICQ、Yahoo! Messenger、MSN Messenger和IRC。 Trillian的aim:// URI处理器在将某些部分的aim:// URI写入到ini=参数所指定的文件之前没有执行正确的验证,如果用户受骗跟随了特制的aim:// URI的话就可能导致向Windows的"开始"文件夹写入批处理文件。
CVSS Information
N/A
Vulnerability Type
N/A