Lucene search

K
cve[email protected]CVE-2013-1462
HistoryJan 31, 2013 - 9:55 p.m.

CVE-2013-1462

2013-01-3121:55:01
CWE-189
web.nvd.nist.gov
19
cve-2013-1462
soapaction handler
miniupnpd
integer signedness error
denial of service
remote attackers

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.881 High

EPSS

Percentile

98.7%

Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.

Affected configurations

NVD
Node
miniupnp_projectminiupnpdMatch1.0

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.881 High

EPSS

Percentile

98.7%