Lucene search
Gentoo FoundationMGASA-2013-0279HistorySep 19, 2013 - 1:32 p.m.
Updated freeswitch packages fix security vulnerability
2013-09-1913:32:15
Gentoo Foundation
advisories.mageia.org
10
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%
In FreeSWITCH before 1.2.12, if the routing configuration includes regular expressions that don’t constrain the length of the input, buffer overflows are possible. Since these regular expressions are matched against untrusted input, remote code execution may be possible (CVE-2013-2238).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | freeswitch | < 1.2.12-6 | freeswitch-1.2.12-6.mga3 |
Related
cve
cve
CVE-2013-2238
2022-10-03 16:15:00
openvas
openvas
FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
2013-10-07 00:00:00
Mageia: Security Advisory (MGASA-2013-0279)
2022-01-28 00:00:00
prion
prion
Buffer overflow
2013-09-30 22:55:00
nvd
nvd
CVE-2013-2238
2013-09-30 22:55:04
cvelist
cvelist
CVE-2013-2238
2022-10-03 16:15:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%
Related for MGASA-2013-0279