More IM security nightmares on the way, this time it's the Trillian instant messaging app that has its problems. Researchers have reported that the application is susceptable to a vulnerability that could allow malicious-code writers to do anything from shutting down individual programs on computers running Trillian to gaining complete control of the OS running on the machine.
The company said the flaw in Cerulean's software, which folds IM clients from multiple providers, including America Online, Microsoft and Yahoo, into one interface, revolves around an unbounded buffer problem in Trillian 3.1, the latest version of the application.