Lucene search
K

148 matches found

CVE
CVE
added 2013/01/31 9:0 p.m.280 views

CVE-2012-5958

CVE-2012-5958 is a stack-based buffer overflow in the unique_service_name() function of the SSDP parser in the Portable SDK for UPnP Devices (libupnp). It allows remote attackers to execute arbitrary code via crafted SSDP/UPnP traffic before version 1.6.18. Public advisories note the vulnerabilit...

10CVSS7.8AI score0.82807EPSS
Exploits6References18Affected Software1
Debian CVE
Debian CVE
added 2013/01/31 9:0 p.m.49 views

CVE-2012-5961

Removed by vendor...

10CVSS6.6AI score0.36925EPSS
Exploits1
Debian CVE
Debian CVE
added 2013/01/31 9:0 p.m.44 views

CVE-2012-5965

Removed by vendor...

10CVSS6.6AI score0.36925EPSS
Exploits1
CVE
CVE
added 2013/01/31 9:0 p.m.75 views

CVE-2012-5964

CVE-2012-5964 is a stack-based buffer overflow in libupnp’s unique_service_name() (ssdp_server.c) of the Portable SDK for UPnP Devices. Exploitation via a long ServiceType in a UDP packet could allow remote code execution. OpenSUSE openSUSE-SU-2013:0255-1 (and related advisories for libupnp) desc...

10CVSS7.8AI score0.36925EPSS
Exploits1References15Affected Software1
ATTACKERKB
ATTACKERKB
added 2013/01/31 12:0 a.m.41 views

UPnP unique_service_name Buffer Overflow

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string th...

10CVSS0.3AI score0.82807EPSS
Exploits13References15
OpenVAS
OpenVAS
added 2013/01/31 12:0 a.m.23 views

Debian: Security Advisory (DSA-2614-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.82807EPSS
Exploits13References3
CISA
CISA
added 2013/01/29 12:0 a.m.19 views

CERT Releases UPnP Security Advisory

Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices. Information is also available in CERT Vulnerability Note VU922681. US-CERT recommends that affected UPnP device vendors and...

7.1AI score
Exploits0References2
CERT
CERT
added 2013/01/29 12:0 a.m.166 views

Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP

Overview The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilities to the internet. Description Universal Plug and Play UPnP is a set of...

8.2AI score
Exploits0References8
Rows per page
Query Builder