CVE-2011-4601 (retired)

Priority
Description
family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before
2.10.1 does not perform the expected UTF-8 validation on message data,
which allows remote attackers to cause a denial of service (application
crash) via a crafted (1) AIM or (2) ICQ message associated with buddy-list
addition.
Assigned-to
tyhicks
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (1:2.10.2-1ubuntu1)
Patches:
Upstream:http://hg.pidgin.im/pidgin/main/rev/8431da66063b
Vendor:https://rhn.redhat.com/errata/RHSA-2011-1821.html
More Information

Updated: 2019-03-26 11:59:27 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)