CVE-2023-1900
published 2023-04-19CVE-2023-1900: A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data…
PriorityP419medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.30%
21.5th percentile
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation.
Issue was fixed with Endpointprotection.exe version 1.0.2303.633
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| avira | antivirus | < 1.0.2303.633 | 1.0.2303.633 |
| avira | avira_antivirus | < 1.0.2303.633 | 1.0.2303.633 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M2
suricata·2013-01-30·CVSS 10.0
CVE-2012-5958 [CRITICAL] ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M2
ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M2
Rule: alert udp $HOME_NET 1900 -> any any (msg:"ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M2"; content:"Intel SDK for UPnP devices"; pcre:"/^Server\x3a[^\r\n]*Intel SDK for UPnP devices/mi"; reference:url,community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play; reference:url,upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf; reference:cve,2012-5958; reference:cve,2012-5959; classtype:bad-unknown; sid:2016303; rev:5; metadata:created_at 2013_01_30, cve CVE_2012_5958, deployment Perimeter, confidence High, signature_severity Minor, updated_at 2023_05_02; target:src_ip;)
Suricata
ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M1
suricata·2013-01-30·CVSS 10.0
CVE-2013-0229 [CRITICAL] ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M1
ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M1
Rule: alert udp $HOME_NET 1900 -> any any (msg:"ET INFO UPnP Discovery Search Response - CVE-2012-5958 and CVE-2012-5959 Vulnerable UPnP device M1"; content:"miniupnpd/1."; fast_pattern; pcre:"/^Server\x3a[^\r\n]*miniupnpd\/1\.[0-3]/mi"; reference:url,community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play; reference:url,upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf; reference:cve,2013-0229; classtype:bad-unknown; sid:2016302; rev:7; metadata:created_at 2013_01_30, cve CVE_2013_0229, deployment Perimeter, confidence High, signature_severity Minor, updated_at 2023_05_02; target:src_ip;)
No public exploits indexed.
No writeups or analysis indexed.
2023-04-19
Published