Loading
Generated remediation guidance and an executive summary. No account required.
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
Use CWE-119, Libupnp Project vendor hub and Libupnp product page to widen CVE-2012-5958 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2012-5961, CVE-2016-8863 and CVE-2020-13848 for nearby disclosures in the same product family.