Vulnerabilities > Miniupnp Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-11-02 | CVE-2015-6031 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name. | 6.8 |
2014-09-11 | CVE-2014-3985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. | 5.0 |
2013-01-31 | CVE-2013-1462 | Numeric Errors vulnerability in Miniupnp Project Miniupnpd 1.0 Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. | 7.8 |
2013-01-31 | CVE-2013-1461 | Denial-Of-Service vulnerability in Miniupnp Project Miniupnpd 1.0 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. | 7.8 |
2013-01-31 | CVE-2013-0230 | Buffer Errors vulnerability in Miniupnp Project Miniupnpd 1.0 Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method. | 10.0 |
2013-01-31 | CVE-2013-0229 | Denial of Service vulnerability in MiniUPnP The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. | 7.8 |