| Summary | MSN partial SLP invite crash |
|---|---|
| Date | 2009-09-03 |
| CVE Number | CVE-2009-3083 |
| Discovered By | blackstar in ticket |
| Fixed In Release | 2.6.2 |
The MSN protocol plugin extracts some fields from an incoming SLP invite. If some of these fields do not exist in the invite message then the protocol plugin will attempt to dereference a NULL pointer and will crash.
Check for NULL values and handle appropriately.