CVE-2017-1000494
Description
Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.08
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc8_1.6-3ubuntu2.14.04.4_i386.deb | Linux |
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc8_1.6-3ubuntu2.14.04.4_amd64.deb | Linux |
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc10_1.9.20140610-4ubuntu1.1_i386.deb | Linux |
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc10_1.9.20140610-4ubuntu1.1_amd64.deb | Linux |
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc10_1.9.20140610-2ubuntu2.16.04.2_i386.deb | Linux |
| UPnP IGD client lightweight library (USN-3562-1) libminiupnpc10_1.9.20140610-2ubuntu2.16.04.2_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234