date: 2011-09-29T00:00:00.000Z
summary: SILC remote crash
discoveredBy: Diego Bauche Madero from IOActive
When receiving various incoming messages, the SILC protocol plugin failed to
validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would
lead to a crash. This vulnerability is similar to CVE-2011-3594, but occurs in a
different piece of code and was fixed at a later date.
Validate incoming strings as UTF-8 before using them as such.