The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-252,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| miniupnp.free | miniupnpd | * |
An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| miniupnp.free | miniupnpd | * |