Summary NULL pointer dereference parsing SOAP data in MSN
Date 2014-01-28
CVE Number CVE-2013-6482
Discovered By Fabian Yamaguchi and Christian Wressnegger of the University of Goettingen
Fixed In Release 2.10.8


A malicious server or man-in-the-middle could send us a specially-crafted SOAP response that results in a NULL pointer dereference.


Check for NULL before using values.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site