Summary
Detail | |||
---|---|---|---|
Vendor | Portable Sdk For Upnp Project | First view | 2013-01-31 |
Product | Portable Sdk For Upnp | Last view | 2013-01-31 |
Version | 1.6.3 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:portable_sdk_for_upnp_project:portable_sdk_for_upnp |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
10 | 2013-01-31 | CVE-2012-5960 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka upnp:rootdevice) field in a UDP packet. |
10 | 2013-01-31 | CVE-2012-5959 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka uuid) field within a string that contains a :: (colon colon) in a UDP packet. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | libupnp command buffer overflow attempt RuleID : 25620 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | libupnp command buffer overflow attempt RuleID : 25612 - Type : SERVER-OTHER - Revision : 4 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-90.nasl - Type: ACT_GATHER_INFO |
2014-03-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201403-06.nasl - Type: ACT_GATHER_INFO |
2013-04-20 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2013-098.nasl - Type: ACT_GATHER_INFO |
2013-02-21 | Name: The remote Fedora host is missing a security update. File: fedora_2013-2352.nasl - Type: ACT_GATHER_INFO |
2013-02-21 | Name: The remote Fedora host is missing a security update. File: fedora_2013-2377.nasl - Type: ACT_GATHER_INFO |
2013-02-13 | Name: The remote Fedora host is missing a security update. File: fedora_2013-1713.nasl - Type: ACT_GATHER_INFO |
2013-02-13 | Name: The remote Fedora host is missing a security update. File: fedora_2013-1734.nasl - Type: ACT_GATHER_INFO |
2013-02-13 | Name: The remote Fedora host is missing a security update. File: fedora_2013-1765.nasl - Type: ACT_GATHER_INFO |
2013-02-04 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2614.nasl - Type: ACT_GATHER_INFO |
2013-02-04 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2615.nasl - Type: ACT_GATHER_INFO |
2013-02-01 | Name: A network service running on the remote host is affected by multiple remote c... File: libupnp_1_6_18.nasl - Type: ACT_GATHER_INFO |
2013-01-31 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_2ea6ce3d6afd11e29d4ebcaec524bf84.nasl - Type: ACT_GATHER_INFO |