CVE-2017-12087

Name of the Vulnerable Software and Affected Versions tinysvcmdns version 2016-07-18

Description A heap overflow issue exists in the tinysvcmdns library, allowing a specially crafted packet to overwrite an arbitrary amount of data on the heap with attacker-controlled values. This can be triggered by sending a dns packet.

Recommendations For tinysvcmdns version 2016-07-18, consider restricting access to the library until a patch is available to prevent potential exploitation. As a temporary workaround, avoid using the library to handle dns packets from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.