Libupnp Project - Libupnp CVE

Filtered by vendor Libupnp Project Subscribe

Filtered by product Libupnp

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-8863	2 Debian, Libupnp Project	2 Debian Linux, Libupnp	2017-11-03	7.5 HIGH	9.8 CRITICAL
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.

Vulnerabilities (CVE)