asterisk -- denial of service vulnerability, local system access

2006-04-07T00:00:00
ID 8B683BEA-D49C-11DA-A672-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2006-04-07T00:00:00

Description

Emmanouel Kellenis reports a denial of service vulnerability within asterisk. The vulnerability is caused by a buffer overflow in "format_jpeg.c". A large JPEG image could trigger this bug, potentially allowing a local attacker to execute arbitrary code.