CVE-2014-3985

Priority
Medium
Description
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote
attackers to cause a denial of service (crash) via crafted headers that
trigger an out-of-bounds read.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:released (1.6-4)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (1.6-3ubuntu1.1)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.6-3ubuntu2.14.04.1)
Ubuntu 14.10 (Utopic Unicorn):not-affected (1.6-4ubuntu1)
Patches:
Upstream:https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
More Information

Valid XHTML 1.0 Strict

Updated: 2014-09-18 02:14:47 UTC (commit 8497)