Oval Definition:oval:org.opensuse.security:def:20168863
Revision Date:2022-06-30Version:1
Title:CVE-2016-8863
Description:

Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-8863
Mitre CVE-2016-8863
SUSE CVE-2016-8863
openSUSE-SU-2017:1485-1
Platform(s):openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap 42.2
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • libupnp-1.6.21-4.3.1 is installed
  • AND libupnp is signed with openSUSE key
  • OR
  • libupnp-devel-1.6.21-4.3.1 is installed
  • AND libupnp-devel is signed with openSUSE key
  • OR
  • libupnp6-1.6.21-4.3.1 is installed
  • AND libupnp6 is signed with openSUSE key
  • OR
  • libupnp6-32bit-1.6.21-4.3.1 is installed
  • AND libupnp6-32bit is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libixml11-1.14.10-1.2 is installed
  • OR libixml11-32bit-1.14.10-1.2 is installed
  • OR libupnp-devel-1.14.10-1.2 is installed
  • OR libupnp17-1.14.10-1.2 is installed
  • OR libupnp17-32bit-1.14.10-1.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • libixml11-1.14.0-bp153.1.19 is installed
  • AND libixml11 is signed with openSUSE key
  • OR
  • libupnp17-1.14.0-bp153.1.19 is installed
  • AND libupnp17 is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • libixml11-1.14.12-bp154.1.66 is installed
  • AND libixml11 is signed with openSUSE key
  • OR
  • libupnp17-1.14.12-bp154.1.66 is installed
  • AND libupnp17 is signed with openSUSE key
    • BACK