Vulnerability Details : CVE-2009-2174
Potential exploit
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
Vulnerability category: Denial of service
Products affected by CVE-2009-2174
- cpe:2.3:a:gupnp:gupnp:0.12.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-2174
16.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2174
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2009-2174
-
http://www.vupen.com/english/advisories/2009/1597
Site en constructionPatch;Vendor Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00607.html
[SECURITY] Fedora 10 Update: gupnp-0.12.8-1.fc10Patch
-
http://www.securityfocus.com/bid/35390
Exploit;Patch
-
http://secunia.com/advisories/35472
About Secunia Research | FlexeraVendor Advisory
-
http://www.osvdb.org/55128
404 Not FoundPatch
-
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00494.html
[SECURITY] Fedora 11 Update: gupnp-0.12.8-1.fc11Patch
-
http://bugzilla.openedhand.com/show_bug.cgi?id=1604
Exploit
-
http://secunia.com/advisories/35482
About Secunia Research | FlexeraVendor Advisory
-
http://git.gupnp.org/cgit.cgi?url=gupnp/tree/NEWS&id=ce714a6700ce03953a2886a66ec57db59205f4e6
Jump to