CVE-2011-4603 in Pidgininfo

Summary

The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted message, a different vulnerability than CVE-2011-3594.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

11/29/2011

Disclosure

12/16/2011

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

5.3

EPSS

0.01165

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4603
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4603
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4603/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!