CVE-2019-12107

Опубликовано: 15 мая 2019

Источник: debian

Описание

The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
miniupnpd	fixed	2.1-6		package
miniupnpd	fixed	1.8.20140523-4.1+deb9u2	stretch	package

Примечания

https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94

Связанные уязвимости

CVE-2019-12107

CVSS3: 7.5

ubuntu

больше 6 лет назад

The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.

CVE-2019-12107

CVSS3: 7.5

nvd

больше 6 лет назад

The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.

GHSA-wh92-hmx9-3mf2

github

больше 3 лет назад

The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.