Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) prior to 1.6.18 allows remote malicious users to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libupnp project libupnp 1.6.12 |
||
libupnp project libupnp 1.6.11 |
||
libupnp project libupnp 1.6.4 |
||
libupnp project libupnp 1.6.3 |
||
libupnp project libupnp 1.4.3 |
||
libupnp project libupnp 1.4.2 |
||
libupnp project libupnp 1.6.16 |
||
libupnp project libupnp 1.6.15 |
||
libupnp project libupnp 1.6.8 |
||
libupnp project libupnp 1.6.7 |
||
libupnp project libupnp 1.6.0 |
||
libupnp project libupnp 1.4.7 |
||
libupnp project libupnp 1.6.14 |
||
libupnp project libupnp 1.6.13 |
||
libupnp project libupnp 1.6.6 |
||
libupnp project libupnp 1.6.5 |
||
libupnp project libupnp 1.4.6 |
||
libupnp project libupnp 1.4.5 |
||
libupnp project libupnp 1.4.4 |
||
libupnp project libupnp |
||
libupnp project libupnp 1.6.10 |
||
libupnp project libupnp 1.6.9 |
||
libupnp project libupnp 1.6.2 |
||
libupnp project libupnp 1.6.1 |
||
libupnp project libupnp 1.4.1 |
||
libupnp project libupnp 1.4.0 |