The vulnerability lies in calling g_markup_escape_text() on strings which have not been verified as valid UTF-8. This function is not required to do anything reasonable with invalid UTF-8, and indeed reads past the end of the string and will eventually segfault for certain sequences in some versions of Glib 2. Because the behavior of this function is undefined, and depends on the particular version of Glib 2 in use, the complete ramifications of this bug are unknown. Remote crashing of a libpurple client by untrusted users via specifically crafted SILC messages is a verified vulnerability. This bug is believed to affect all releases of libpurple up to and including version 2.10.0.
*** This bug has been marked as a duplicate of bug 385073 ***