Debian Linux Security Advisory 3379-1 – Aleksandar Nikolic of Cisco Talos discovered a buffer overflow vulnerability in the XML parser functionality of miniupnpc, a UPnP IGD client lightweight library. A remote attacker can take advantage of this flaw to cause an application using the miniupnpc library to crash, or potentially to execute arbitrary code with the privileges of the user running the application.