Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-12106

Published: 15/05/2019 Updated: 27/05/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Miniupnp Project

Vulnerability Summary

The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote malicious user to crash the process due to a Use After Free vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

miniupnp project miniupnpd 1.5

miniupnp project miniupnpd 1.4

Vendor Advisories

Debian CVElist Bug Report Logs: minissdpd: CVE-2019-12106
Debian Bug report logs - #929297 minissdpd: CVE-2019-12106 Package: minissdpd; Maintainer for minissdpd is Thomas Goirand <zigo@debianorg>; Source for minissdpd is src:minissdpd (PTS, buildd, popcon) Reported by: "Chris Lamb" <lamby@debianorg> Date: Tue, 21 May 2019 06:09:01 UTC Severity: grave Tags: fixed-upstrea ...

References

CWE-416https://www.vdoo.com/blog/security-issues-discovered-in-miniupnphttps://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6fhttps://lists.debian.org/debian-lts-announce/2019/05/msg00037.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929297https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook