Pidgin Security Advisory
| Title | AIM and ICQ remote crash |
|---|
| Date | 2011-10-20 |
|---|
| CVE Name | CVE-2011-4601 |
|---|
| Discovered By | Evgeny Boger |
|---|
| Description | When receiving various messages related to requesting or receiving authorization for adding a buddy to a buddy list, the oscar protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash. |
|---|
| Fixed in Revision | 8431da66063b |
|---|
| Fixed in Version | 2.10.1 |
|---|
| Fix | Validate incoming strings as UTF-8 before using them as such. |
|---|
Return to Security Advisory Index
