date: 2008-05-11T00:00:00.000Z
summary: Remote UPnP discovery DoS
discoveredBy: Andrew Hunt and Christian Grothoff
The UPnP functionality in libpurple allows remote attackers to trigger the
download of arbitrary files and cause a denial of service (memory or disk
consumption) via a UDP packet that specifies an arbitrary URL.
UPnP related downloads are limited to 128kB.