Stack-based Buffer Overflow in MiniUPnP ngiflib by MiniUPnP
CVE-2018-11575

9.8CRITICAL

Key Information:

Vendor: Miniupnp Project
Status: Ngiflib
Vendor: CVE Published:; 31 May 2018

🔔 Create Miniupnp Project Vulnerability Alert

What is CVE-2018-11575?

The ngiflib component of MiniUPnP version 0.4 is susceptible to a stack-based buffer overflow in the DecodeGifImg function. This flaw can potentially allow an attacker to execute arbitrary code on the affected system, compromising its integrity and security. Users should be aware of this vulnerability and apply necessary updates or mitigations to safeguard their systems against potential exploitation.

References

https://github.com/miniupnp/ngiflib/issues/4

x_refsource_MISC

https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 31, 2018
Vulnerability Reserved
May 30, 2018

CVE-2018-11575 Data

JSON