Cerulean Studios on Monday released a “highly critical” security update for its Trillian multi-protocol chat software.
Attackers could exploit vulnerabilities in the character encoding for
Trillian 220.127.116.11–specifically, the word-wrapping handling of UTF-8, the Unicode Transformation Format used for encoding characters in e-mail, instant messages and Web pages, iDefense Labs warned in its security advisory. The vulnerabilities potentially could affect earlier versions of the Trillian software as well, iDefense said.
Story continues at news.com.com