CVE-2014-3985

EPSS 1.9%

Published: 9/11/2014Modified: 4/28/2026

Description

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.

Affected packages (1)

Debian/miniupnpcfrom 0, < 1.6-4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-3985