Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-5964

EPSS 72.33% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5964

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long ServiceType (aka urn service) field in a UDP packet.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
UPnP Devices ‘unique_service_name’函数基于栈的缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libupnp是一个便携式开源的提供了API和开源代码的UPnP开发工具包。 UPnP Devices (又名libupnp,以前Intel SDK for UPnP设备) 1.3.1版本中的便携式SDK中的SSDP解析器中的ssdp/ssdp_server.c中的‘unique_service_name’函数中存在基于栈的缓冲区溢出漏洞。通过UDP数据包中的较长的DeviceType (又名urn设备)字段,远程攻击者利用该漏洞执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2012-5964

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2012-5964

Please Login to view more intelligence information

Same Patch Batch · n/a · 2013-01-31 · 42 CVEs total

CVE-2011-5255X3 CMS 多个跨站脚本漏洞
CVE-2012-0702IBM InfoSphere Information Server ISF 授权问题漏洞
CVE-2012-0703IBM InfoSphere Information Server ISF 输入验证漏洞
CVE-2012-0705IBM InfoSphere Information Server MBB 输入验证漏洞
CVE-2012-4819IBM InfoSphere Information Server 跨站脚本漏洞
CVE-2012-4832IBM InfoSphere Information Server 信息泄露漏洞
CVE-2012-6029Cisco Network Admission Control 跨站脚本漏洞
CVE-2012-6350IBM Cognos TM1 Web组件跨站脚本漏洞
CVE-2013-1112Cisco IOS XR 未明拒绝服务漏洞
CVE-2013-1113Cisco Unified Communications Domain Manager 跨站脚本漏洞
CVE-2010-5287Cornerstone Technologies webConductor SQL注入漏洞
CVE-2012-0701IBM InfoSphere Information Server DataStage Administrator客户端权限许可和访问控制漏洞
CVE-2012-6522w-CMS 目录遍历漏洞
CVE-2012-6523w-CMS 多个跨站脚本漏洞
CVE-2012-6524pGB ‘kommentar.php’ SQL注入漏洞
CVE-2012-6525PhpBridges ‘members.php’ SQL注入漏洞
CVE-2012-6526Vastal I-Tech Freelance Zone ‘show_code.php’ SQL注入漏洞
CVE-2012-6527WordPress ‘My Calendar’插件跨站脚本漏洞
CVE-2012-6528ATutor 跨站脚本漏洞
CVE-2012-6529Marinet CMS SQL注入漏洞

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2012-5964

No comments yet

Leave a comment