What is CVE-2012-5958?

CVE-2012-5958 is a vulnerability in Libupnp_project Libupnp, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-01-31.

Is CVE-2012-5958 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Libupnp_project Libupnp

CVE-2012-5958

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to e…

Vulnerability class: Buffer Overflow

EPSS: 0.879 (99.5th percentile) — read the EPSS interpretation.

Affected products

Libupnp_project Libupnp — versions 1.4.0, 1.4.1, 1.4.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

20130129 Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities (x_refsource_CISCO, vendor-advisory)
MDVSA-2013:098 (vendor-advisory, x_refsource_MANDRIVA)
cret@cert.org (x_refsource_CONFIRM)
cret@cert.org (x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM)
DSA-2615 (vendor-advisory, x_refsource_DEBIAN)
cret@cert.org (x_refsource_CONFIRM)
cret@cert.org (x_refsource_CONFIRM)
DSA-2614 (vendor-advisory, x_refsource_DEBIAN)
57602 (Exploit, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2012-5958?: CVE-2012-5958 is a vulnerability in Libupnp_project Libupnp, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-01-31.
Is CVE-2012-5958 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.