DEBIAN-CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against th...

PT-2021-6171 · Pjsip +3 · Pjsip +3

Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to the fixed version Description: The issue is related to a buffer overflow in the PJSIP library when handling the length of RTCP BYE messages. This can be exploited by a remote attacker to execute arbitrary code. The...