N/A

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.

N/A

N/A

ReadyMedia 缓冲区错误漏洞

ReadyMedia（原名MiniDLNA）是一套兼容LNA/UPnP-AV客户端的媒体服务软件。该软件支持音乐、图片、视频等媒体文件。 ReadyMedia 1.1.15至1.3.2版本存在安全漏洞，该漏洞源于存在缓冲区溢出问题。攻击者可利用该漏洞控制缓冲区块值，从而导致越界读写。

N/A

N/A