CVE-2011-3594

EPSS 0.96%

Published: 11/4/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-3594

Description

The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.

Affected packages (1)

Debian/pidginfrom 0, < 2.10.1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-3594