Miniupnp Project : Security Vulnerabilities, CVEs, Published In 2018 (Memory corruption)

CVE-2018-11578

GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-05-31
Updated
2018-07-13

CVE-2018-11575

ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
Max CVSS
9.8
EPSS Score
0.25%
Published
2018-05-31
Updated
2020-08-24

CVE-2018-10717

The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.
Max CVSS
8.8
EPSS Score
0.28%
Published
2018-05-03
Updated
2020-08-24

CVE-2018-10677

The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file.
Max CVSS
8.8
EPSS Score
0.58%
Published
2018-05-02
Updated
2020-08-24

CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact
Max CVSS
7.8
EPSS Score
0.11%
Published
2018-01-03
Updated
2019-05-30
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close