CVE-2011-4603

Priority
Low
Description
The silc_channel_message function in ops.c in the SILC protocol plugin in
libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8
validation on message data, which allows remote attackers to cause a denial
of service (application crash) via a crafted message, a different
vulnerability than CVE-2011-3594.
References
Bugs
Assigned-to
tyhicks
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1:2.10.2-1ubuntu1)
Patches:
Upstream:http://hg.pidgin.im/pidgin/main/rev/fa8d4132d071
Vendor:https://rhn.redhat.com/errata/RHSA-2011-1820.html
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-15 19:38:59 UTC (commit 9690)