Buffer Overflow in MiniUPnPc's IGDstartelt Function

Buffer Overflow in MiniUPnPc's IGDstartelt Function

CVE-2015-6031 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.

Learn more about our Cis Benchmark Audit For Server Software.