Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5958

Опубликовано: 31 янв. 2013
Источник: nvd
CVSS2: 10
EPSS Высокий

Описание

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:libupnp_project:libupnp:*:*:*:*:*:*:*:*
Версия до 1.6.17 (включая)
cpe:2.3:a:libupnp_project:libupnp:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.7:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.9:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.11:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.13:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.15:*:*:*:*:*:*:*
cpe:2.3:a:libupnp_project:libupnp:1.6.16:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.88128
Высокий

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2012-5958

ubuntu
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

redhat логотип

CVE-2012-5958

redhat
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

debian логотип

CVE-2012-5958

debian
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssd ...

github логотип

GHSA-mpm3-m3f6-fx5w

github
больше 3 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

fstec логотип

BDU:2015-09723

fstec
больше 11 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 99%
0.88128
Высокий

10 Critical

CVSS2

Дефекты

CWE-119