| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2012-5958 |
| Description: |
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2012-5958
Mitre CVE-2012-5958
SUSE CVE-2012-5958
openSUSE-SU-2013:0255-1
|
| Platform(s): | openSUSE 12.1
openSUSE 12.1 Update
openSUSE 12.2 Update
openSUSE 13.2
openSUSE Leap 42.2
openSUSE Tumbleweed
| Product(s): | |
| Definition Synopsis |
| openSUSE 13.2 is installed AND libupnp6-1.6.18-4.1.2 is installed
|
| Definition Synopsis |
| openSUSE Leap 42.2 is installed
AND Package Information
libupnp6-1.6.19-3.5 is installed
AND libupnp6 is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND Package Information
libupnp-devel-1.6.19-1.8 is installed
OR libupnp6-1.6.19-1.8 is installed
OR libupnp6-32bit-1.6.19-1.8 is installed
|