Информационная безопасность
[RU] switch to English


CVECVE-2015-6031
СтатусCandidate
ОписаниеBuffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
PhaseAssigned (14.08.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6031
ReferencesDEBIAN : DSA-3379
 MISC : http://talosintel.com/reports/TALOS-2015-0035/
 CONFIRM : https://github.com/miniupnp/miniupnp/blob/master/m...
 CONFIRM : https://github.com/miniupnp/miniupnp/commit/79cca9...
 UBUNTU : USN-2780-1
 UBUNTU : USN-2780-2
SecurityVulns:Переполнение буфера в библиотеке MiniUPnP
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород