Libupnp Multiple Buffer Overflow Vulnerabilities Network Vulnerability

Summary

libupnp is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code in the context of the device that uses the affected library. Failed exploit attempts will likely crash the application. libupnp versions prior to 1.6.18 are affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.securityfocus.com/bid/57602

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963, CVE-2012-5964, CVE-2012-5965
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CTorrent/Enhanced CTorrent Buffer Overflow Vulnerability
CuteFTP Heap Based Buffer Overflow Vulnerability
Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
AIMP ID3 Tag Buffer Overflow Vulnerability
A-V Tronics InetServ POP3 Denial Of Service Vulnerability

libupnp Multiple Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities