CVE-2012-5959 in portable SDK for UPnP信息

摘要

由 VulDB • 2026-06-24

在便携式UPnP设备SDK(即libupnp,原Intel UPnP设备SDK)的SSDP解析器中,ssdp/ssdp_server.c文件中的unique_service_name函数存在基于栈的缓冲区溢出漏洞。该漏洞允许远程攻击者通过在UDP数据包中包含带有::(双冒号)且UDN(即uuid)字段过长的字符串来执行任意代码此问题存在于1.6.18版本之前。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!