Vulnerabilities > Portable SDK FOR Upnp Project > Portable SDK FOR Upnp > 1.4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2013-01-31	CVE-2012-5960	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Portable SDK FOR Upnp Project Portable SDK FOR Upnp Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka upnp:rootdevice) field in a UDP packet. network low complexity portable-sdk-for-upnp-project CWE-119 critical	10.0
2013-01-31	CVE-2012-5959	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Portable SDK FOR Upnp Project Portable SDK FOR Upnp Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka uuid) field within a string that contains a :: (colon colon) in a UDP packet. network low complexity portable-sdk-for-upnp-project CWE-119 critical	10.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.