CVE-2011-3594

Priority
Description
The g_markup_escape_text function in the SILC protocol plug-in in libpurple
2.10.0 and earlier, as used in Pidgin and possibly other products, allows
remote attackers to cause a denial of service (crash) via invalid UTF-8
sequences that trigger use of invalid pointers and an out-of-bounds read,
related to interactions with certain versions of glib2.
Assigned-to
mdeslaur
Notes
mdeslaurOneiric+ isn't built with SILC support
More Information

Updated: 2020-01-29 19:42:22 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)