Gaim Vulnerability
| Title | MSN SLP buffer overflow |
|---|
| Date | 19 October 2004 |
|---|
| CVE Name | CAN-2004-0891 |
|---|
| Discovered By | Gaim |
|---|
| Summary | Buffer overflow when receiving unexpected sequence of MSN SLP messages |
|---|
| Description | Buffer overflow. memcpy was used without checking the size of the buffer before copying to it. Additionally, a logic flaw was causing the wrong buffer to be used as the destination for the copy under certain circumstances. |
|---|
| Fixed in Version | 1.0.2 |
|---|
| Fix | Correct the logic to select the correct buffer, and add bounds checking to prevent malformed messages causing a buffer overflow. |
|---|
Return to Index of Vulnerabilities
Gaim
