cpe:/a:pidgin:libpurple:1.0 cpe:/a:pidgin:libpurple:2.0.0 cpe:/a:pidgin:libpurple:2.0.1 cpe:/a:pidgin:libpurple:2.0.2 cpe:/a:pidgin:libpurple:2.1.0 cpe:/a:pidgin:libpurple:2.1.1 cpe:/a:pidgin:libpurple:2.2.0 cpe:/a:pidgin:libpurple:2.2.1 cpe:/a:pidgin:libpurple:2.2.2 cpe:/a:pidgin:libpurple:2.3.0 cpe:/a:pidgin:libpurple:2.3.1 cpe:/a:pidgin:libpurple:2.4.0 cpe:/a:pidgin:libpurple:2.4.1 cpe:/a:pidgin:libpurple:2.4.2 cpe:/a:pidgin:libpurple:2.4.3 cpe:/a:pidgin:libpurple:2.5.0 cpe:/a:pidgin:libpurple:2.5.1 cpe:/a:pidgin:libpurple:2.5.2 cpe:/a:pidgin:libpurple:2.5.3 cpe:/a:pidgin:libpurple:2.5.4 cpe:/a:pidgin:libpurple:2.5.5 cpe:/a:pidgin:libpurple:2.5.6 cpe:/a:pidgin:libpurple:2.5.7 cpe:/a:pidgin:libpurple:2.5.8 cpe:/a:pidgin:libpurple:2.5.9 cpe:/a:pidgin:libpurple:2.6.0 cpe:/a:pidgin:libpurple:2.6.1 cpe:/a:pidgin:libpurple:2.6.2 cpe:/a:pidgin:libpurple:2.6.3 cpe:/a:pidgin:libpurple:2.6.4 cpe:/a:pidgin:libpurple:2.6.5 cpe:/a:pidgin:libpurple:2.6.6 cpe:/a:pidgin:libpurple:2.7.0 cpe:/a:pidgin:libpurple:2.7.1 cpe:/a:pidgin:libpurple:2.7.2 cpe:/a:pidgin:libpurple:2.7.3 cpe:/a:pidgin:libpurple:2.7.4 cpe:/a:pidgin:libpurple:2.7.5 cpe:/a:pidgin:libpurple:2.7.6 cpe:/a:pidgin:libpurple:2.7.7 cpe:/a:pidgin:libpurple:2.7.8 cpe:/a:pidgin:libpurple:2.7.9 cpe:/a:pidgin:libpurple:2.7.10 cpe:/a:pidgin:libpurple:2.7.11 cpe:/a:pidgin:libpurple:2.8.0 cpe:/a:pidgin:libpurple:2.9.0 cpe:/a:pidgin:libpurple:2.10.0 cpe:/a:pidgin:pidgin CVE-2011-3594 2011-11-04T17:55:07.083-04:00 2017-09-18T21:34:00.447-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2011-11-07T15:29:00.000-05:00 SECUNIA 46376 MANDRIVA MDVSA-2011:183 REDHAT RHSA-2011:1371 CONFIRM http://developer.pidgin.im/ticket/14636 MISC http://developer.pidgin.im/viewmtn/revision/diff/be5e66abad2af29604bc794cc4c6600ab12751f3/with/7eb1f6d56cc58bbb5b56b7df53955d36b9b419b8 CONFIRM http://pidgin.im/news/security/?id=56 MISC https://bugzilla.redhat.com/show_bug.cgi?id=743481 The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.