CVE-2020-13848
EUVD-2020-605904.06.2020, 20:15
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libupnp_project | libupnp | 𝑥 ≤ 1.12.1 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libupnp |
| ||||||||||||||||||||||||||
| pupnp-1.8 |
|
Common Weakness Enumeration
References