CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

UbuntuCve•added 2014/04/18 10:14 p.m.•34 views

CVE-2014-2289

res/respjsipextenstate.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service crash via a SUBSCRIBE request without any Accept headers, which triggers an invalid pointer dereference...

3.5CVSS5.9AI score0.03251EPSS

Exploits0References6

CVE•added 2014/04/18 7:0 p.m.•67 views

CVE-2014-2289

CVE-2014-2289 affects Asterisk Open Source 12.x prior to 12.1.0 in res/res_pjsip_exten_state.c (PJSIP channel driver). A remote authenticated user can trigger a denial of service (crash) by sending a SUBSCRIBE request without Accept headers, causing an invalid pointer dereference. The issue is fi...

3.5CVSS6.1AI score0.03251EPSS

Exploits0References5Affected Software1

securityvulns•added 2014/03/13 12:0 a.m.•60 views

AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling

Asterisk Project Security Advisory - AST-2014-004 Product Asterisk Summary Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling Nature of Advisory Denial of Service Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On January 14th, 2014...

3.5CVSS0.3AI score0.03251EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by