CVE-2015-6031
EPSS 3.2%miniupnpc - security update
發布日:2015/11/2修改日:2026/3/9
描述
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
受影響套件(2)
- Debian/miniupnpcfrom 0, < 1.9.20140610-2.1
- Debian/miniupnpcfrom 0, < 1.5-2+deb7u1