Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:miniupnp_project:miniupnpc:1.9:2015-06-16
There are 1 matching records.
Displaying matches 1 through 1.
Vuln ID Summary CVSS Severity

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.

Published: November 02, 2015; 2:59:14 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM