Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-5965
HistoryJan 31, 2013 - 12:00 a.m.

CVE-2012-5965

2013-01-3100:00:00
ubuntu.com
ubuntu.com
11

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.72 High

EPSS

Percentile

98.0%

Stack-based buffer overflow in the unique_service_name function in
ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices
(aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote
attackers to execute arbitrary code via a long DeviceType (aka urn device)
field in a UDP packet.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlibupnp< 1:1.6.6-4ubuntu0.1UNKNOWN
ubuntu11.10noarchlibupnp< 1:1.6.6-5.1ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchlibupnp< 1:1.6.6-5.1ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchlibupnp< 1.6.17-1.1ubuntu0.12.10.1UNKNOWN
ubuntu11.10noarchlibupnp4< 1.8.0~svn20100507-1.1ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchlibupnp4< 1.8.0~svn20100507-1.1ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchlibupnp4< 1.8.0~svn20100507-1.1ubuntu0.12.10.1UNKNOWN

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.72 High

EPSS

Percentile

98.0%

Related for UB:CVE-2012-5965