Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-6031
StatusCandidate
DescriptionBuffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
PhaseAssigned (14.08.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6031
ReferencesDEBIAN : DSA-3379
 MISC : http://talosintel.com/reports/TALOS-2015-0035/
 CONFIRM : https://github.com/miniupnp/miniupnp/blob/master/m...
 CONFIRM : https://github.com/miniupnp/miniupnp/commit/79cca9...
 UBUNTU : USN-2780-1
 UBUNTU : USN-2780-2
SecurityVulns:MiniUPnP library buffer overflow
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod