693 matches found
CVE-2023-27585
Summary: CVE-2023-27585 affects the PJSIP DNS resolver in the pjproject library. The vulnerability is a buffer overflow in the parsing of DNS query records (parse_query()) for versions 2.13 and earlier. Impact: as described, it can cause a crash (availability impact) with no confidentiality/integ...
PT-2023-21227 · Pjsip +4 · Pjsip +4
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.13 and prior Description: A buffer overflow issue affects applications using the PJSIP DNS resolver, specifically in the parse query function. This issue does not impact PJSIP users who do not use the PJSIP DNS resolver...
CVE-2023-27585
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...
CVE-2023-27585
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...
CVE-2023-27585
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to...
Debian DSA-5358-1 : asterisk - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5358 advisory. Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be...
Debian dla-3335 : asterisk - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3335 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3335-1 [email protected]...
SUSE CVE-2017-16672
An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully...
SUSE CVE-2018-1000098
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...
The vulnerability of the PJSIP multimedia library, related to buffer overflows in dynamic memory, allows attackers to execute arbitrary code on the target system.
The vulnerability of the PJSIP multimedia library is related to a boundary error during the decoding of STUN messages. Exploiting this vulnerability allows an attacker to send a specially crafted STUN message to the application, cause a buffer overflow, and execute arbitrary code on the target...
ROS-20221227-02
A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...
CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
DEBIAN-CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
Design/Logic Flaw
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23547
CVE-2022-23547 is a vulnerability in the pjproject/PJSIP stack used by Ring and related components. It describes a possible buffer overread when parsing a STUN message. Affected products/areas: embedded pjproject components in Ring (PJSIP/PJNATH/PJSUA-LIB use), with the issue arising during STUN ...
CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23547
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...