Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-5958

Опубликовано: 29 янв. 2013
Источник: redhat
CVSS2: 6.8
EPSS Высокий

Описание

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

Отчет

Not vulnerable. This issue did not affect GUPnP, which is an independent implementation of the UPnP standard, entirely different from libupnp. libupnp, while affected, is not provided by any version of Red Hat Enterprise Linux.

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=883790libupnp: Multiple stack-based buffer overflows in unique_service_name() by processing specially-crafted SSDP request (VU#922681)

EPSS

Процентиль: 99%
0.88128
Высокий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-5958

ubuntu
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

nvd логотип

CVE-2012-5958

nvd
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

debian логотип

CVE-2012-5958

debian
больше 12 лет назад

Stack-based buffer overflow in the unique_service_name function in ssd ...

github логотип

GHSA-mpm3-m3f6-fx5w

github
больше 3 лет назад

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

fstec логотип

BDU:2015-09723

fstec
больше 11 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 99%
0.88128
Высокий

6.8 Medium

CVSS2