Lucene search

[email protected]NVD:CVE-2012-5958

HistoryJan 31, 2013 - 9:55 p.m.

CVE-2012-5958

2013-01-3121:55:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.974

Percentile

99.9%

JSON

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

Affected configurations

Nvd

Node

libupnp_projectlibupnpRange≤1.6.17

libupnp_projectlibupnpMatch1.4.0

libupnp_projectlibupnpMatch1.4.1

libupnp_projectlibupnpMatch1.4.2

libupnp_projectlibupnpMatch1.4.3

libupnp_projectlibupnpMatch1.4.4

libupnp_projectlibupnpMatch1.4.5

libupnp_projectlibupnpMatch1.4.6

libupnp_projectlibupnpMatch1.4.7

libupnp_projectlibupnpMatch1.6.0

libupnp_projectlibupnpMatch1.6.1

libupnp_projectlibupnpMatch1.6.2

libupnp_projectlibupnpMatch1.6.3

libupnp_projectlibupnpMatch1.6.4

libupnp_projectlibupnpMatch1.6.5

libupnp_projectlibupnpMatch1.6.6

libupnp_projectlibupnpMatch1.6.7

libupnp_projectlibupnpMatch1.6.8

libupnp_projectlibupnpMatch1.6.9

libupnp_projectlibupnpMatch1.6.10

libupnp_projectlibupnpMatch1.6.11

libupnp_projectlibupnpMatch1.6.12

libupnp_projectlibupnpMatch1.6.13

libupnp_projectlibupnpMatch1.6.14

libupnp_projectlibupnpMatch1.6.15

libupnp_projectlibupnpMatch1.6.16

VendorProductVersionCPE
libupnp_projectlibupnp*cpe:2.3:a:libupnp_project:libupnp:*:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.0cpe:2.3:a:libupnp_project:libupnp:1.4.0:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.1cpe:2.3:a:libupnp_project:libupnp:1.4.1:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.2cpe:2.3:a:libupnp_project:libupnp:1.4.2:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.3cpe:2.3:a:libupnp_project:libupnp:1.4.3:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.4cpe:2.3:a:libupnp_project:libupnp:1.4.4:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.5cpe:2.3:a:libupnp_project:libupnp:1.4.5:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.6cpe:2.3:a:libupnp_project:libupnp:1.4.6:*:*:*:*:*:*:*
libupnp_projectlibupnp1.4.7cpe:2.3:a:libupnp_project:libupnp:1.4.7:*:*:*:*:*:*:*
libupnp_projectlibupnp1.6.0cpe:2.3:a:libupnp_project:libupnp:1.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
libupnp_project	libupnp	*	cpe:2.3:a:libupnp_project:libupnp::::::::
libupnp_project	libupnp	1.4.0	cpe:2.3:a:libupnp_project:libupnp:1.4.0:::::::*
libupnp_project	libupnp	1.4.1	cpe:2.3:a:libupnp_project:libupnp:1.4.1:::::::*
libupnp_project	libupnp	1.4.2	cpe:2.3:a:libupnp_project:libupnp:1.4.2:::::::*
libupnp_project	libupnp	1.4.3	cpe:2.3:a:libupnp_project:libupnp:1.4.3:::::::*
libupnp_project	libupnp	1.4.4	cpe:2.3:a:libupnp_project:libupnp:1.4.4:::::::*
libupnp_project	libupnp	1.4.5	cpe:2.3:a:libupnp_project:libupnp:1.4.5:::::::*
libupnp_project	libupnp	1.4.6	cpe:2.3:a:libupnp_project:libupnp:1.4.6:::::::*
libupnp_project	libupnp	1.4.7	cpe:2.3:a:libupnp_project:libupnp:1.4.7:::::::*
libupnp_project	libupnp	1.6.0	cpe:2.3:a:libupnp_project:libupnp:1.6.0:::::::*