6.7 Medium
AI Score
Confidence
Low
0.047 Low
EPSS
Percentile
92.7%
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
downloads.digium.com/pub/security/AST-2019-002.html
issues.asterisk.org/jira/browse/ASTERISK-28447