CVE-2014-3985 – Ubuntu Security Notice USN-2280-1

https://notcve.org/view.php?id=CVE-2014-3985

16 Jul 2014 — The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. La función The getHTTPResponse en miniwget.c en MiniUPnP 1.9 permite a atacantes remotos causar una denegación de servicio (caída) a través de cabeceras manipuladas que provocan una lectura fuera de rango. It was discovered that MiniUPnPc incorrectly handled certain buffer lengths. A remote attacker could possibly use this issue to ca... • http://lists.opensuse.org/opensuse-updates/2014-06/msg00039.html •