hugo/content/about/security/advisories/cve-2011-4603-00.md

Fri, 12 Jul 2024 00:14:47 -0500

author
Gary Kramlich <grim@reaperworld.com>
date
Fri, 12 Jul 2024 00:14:47 -0500
changeset 538
24fe83c549b1
parent 399
0ec2c139628a
permissions
-rw-r--r--

Sort the plugins list by the heading attribute

Previously we depended on the sorting of the json file, but that's difficult
and error prone considering that we can just let hugo do it.

Testing Done:
Ran the site locally and verified that the sorting worked.

Reviewed at https://reviews.imfreedom.org/r/3279/

---
title: cve-2011-4603-00
date: 2011-09-29T00:00:00.000Z
cveNumber: cve-2011-4603
summary: SILC remote crash
discoveredBy: Diego Bauche Madero from IOActive
fixedInRelease: 2.10.1
type: security
layout: cve
hidden: true
---

### Description

When receiving various incoming messages, the SILC protocol plugin failed to
validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would
lead to a crash. This vulnerability is similar to CVE-2011-3594, but occurs in a
different piece of code and was fixed at a later date.

### Mitigation

Validate incoming strings as UTF-8 before using them as such.

mercurial