Описание
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.9.20140610-2ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.6-3ubuntu2.14.04.2]] |
| precise | released | 1.6-3ubuntu1.2 |
| trusty | released | 1.6-3ubuntu2.14.04.2 |
| trusty/esm | DNE | trusty was released [1.6-3ubuntu2.14.04.2] |
| upstream | needs-triage | |
| vivid | released | 1.9.20140610-2ubuntu1.1 |
| wily | released | 1.9.20140610-2ubuntu2 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the ...
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
EPSS
6.8 Medium
CVSS2