The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
{ "vanir_signatures": [ { "digest": { "function_hash": "195679768704586215033078307573186238936", "length": 1508.0 }, "source": "https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94", "id": "CVE-2019-12107-42d7d78d", "signature_type": "Function", "target": { "function": "upnp_event_prepare", "file": "miniupnpd/upnpevents.c" }, "deprecated": false, "signature_version": "v1" }, { "digest": { "line_hashes": [ "31829152111797825752361440611653672070", "284513230929457560699859306313400890858", "136919503779593078372569521745139641541", "99685459232863163817127490133231909025", "116712342579002471287631504796548362066", "262273617044590758602506530763631952550", "33219058818071785548471089399129013458", "299211648667557767368658636759393381547", "282102314380628232753679378713167776448", "62681865327836303194440910103624284005", "193863581451124486325341812480459615032", "308586944826040207057606190186882127775", "292338810521778515172698147174140115133", "26681558393830868089046736420639820122", "189813870036684337725930423983297212992", "139480626637839776444691529098610859545" ], "threshold": 0.9 }, "source": "https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94", "id": "CVE-2019-12107-a5248e92", "signature_type": "Line", "target": { "file": "miniupnpd/upnpevents.c" }, "deprecated": false, "signature_version": "v1" } ] }