CVE

Id
95683  
CVE No.
CVE-2016-8863  
Status
Candidate  
Description
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.  
Phase
Assigned (20161020)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
799115 95683 CVE-2016-8863 CONFIRM:https://sourceforge.net/p/pupnp/bugs/133/  View
799116 95683 CVE-2016-8863 CONFIRM:https://sourceforge.net/p/pupnp/code/ci/master/tree/ChangeLog  View
799117 95683 CVE-2016-8863 DEBIAN:DSA-3736  View
799118 95683 CVE-2016-8863 URL:https://www.debian.org/security/2016/dsa-3736  View
799119 95683 CVE-2016-8863 BID:92849  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
4971 JVNDB-2016-005744 Micro Focus Rumba の send.exe および receive.exe コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 Micro Focus Rumba の send.exe および receive.exe コンポーネントには、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2016-9176 95683 7.5 9.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005744.html  View