cve-2011-3594-00

Summary SILC remote crash
Date 2011-09-29
CVE Number CVE-2011-3594
Discovered By Diego Bauche Madero from IOActive
Fixed In Release 2.10.1

Description

When receiving various incoming messages, the SILC protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash.

Mitigation

Validate incoming strings as UTF-8 before using them as such.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site