CVE 2014-3695
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
See the
CVE page on Mitre.org
for more details.