Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2238
cve-2013-2238
buffer overflows
switch_perform_substitution
freeswitch 1.2
denial of service
remote attackers
execute arbitrary code
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.8%
Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.
Affected configurations
Node
freeswitchfreeswitchMatch1.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| freeswitch:freeswitch | freeswitch | eq | 1.2 |
Related
openvas
openvas
FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
2013-10-07 00:00:00
Mageia: Security Advisory (MGASA-2013-0279)
2022-01-28 00:00:00
prion
prion
Buffer overflow
2013-09-30 22:55:00
mageia
mageia
Updated freeswitch packages fix security vulnerability
2013-09-19 13:32:15
nvd
nvd
CVE-2013-2238
2013-09-30 22:55:04
cvelist
cvelist
CVE-2013-2238
2022-10-03 16:15:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.8%
Related for CVE-2013-2238