Add remaining cve from 2004

4 months ago, Sorvival
Parents 7feb374b5a83
Children 34e168c9c4b4
Add remaining cve from 2004

Testing Done:
Verified correct rendering using dev-server script

Bugs closed: NEST-43

Reviewed at
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/ Thu Feb 11 02:49:02 2021 -0600
@@ -0,0 +1,20 @@
+title: cve-2004-0891-00
+date: 2004-10-19T00:00:00.000Z
+cveNumber: cve-2004-0891
+summary: MSN SLP buffer overflow
+discoveredBy: Gaim
+fixedInRelease: 1.0.2
+type: security
+layout: cve
+hidden: true
+### Description
+Buffer overflow. memcpy was used without checking the size of the buffer before copying to it. Additionally, a logic flaw was causing the wrong buffer to be used as the destination for the copy under certain circumstances.
+### Mitigation
+Correct the logic to select the correct buffer, and add bounds checking to prevent malformed messages causing a buffer overflow.