1
Candidate: CVE-2016-8863
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
6
Heap-based buffer overflow in the create_url_list function in
7
gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows
8
remote attackers to cause a denial of service (crash) or possibly execute
9
arbitrary code via a valid URI followed by an invalid one in the CALLBACK
10
header of an SUBSCRIBE request.
14
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842093
15
https://sourceforge.net/p/pupnp/bugs/133/
21
upstream_libupnp: needs-triage
22
precise_libupnp: ignored (reached end-of-life)
23
precise/esm_libupnp: DNE (precise was needed)
24
trusty_libupnp: released (1:1.6.17-1.2+deb7u2build0.14.04.1)
25
vivid/stable-phone-overlay_libupnp: DNE
26
vivid/ubuntu-core_libupnp: DNE
27
xenial_libupnp: needed
28
yakkety_libupnp: ignored (reached end-of-life)
29
zesty_libupnp: ignored (reached end-of-life)
30
artful_libupnp: needed
31
bionic_libupnp: needed
35
upstream_libupnp4: needs-triage
36
precise_libupnp4: ignored (reached end-of-life)
37
precise/esm_libupnp4: DNE (precise was needed)
38
trusty_libupnp4: released (1.8.0~svn20100507-1.2+deb7u1build0.14.04.1)
39
vivid/stable-phone-overlay_libupnp4: DNE
40
vivid/ubuntu-core_libupnp4: DNE