693 matches found
DEBIAN-CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
Design/Logic Flaw
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
UBUNTU-CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537
CVE-2022-23537 affects the pjproject family (PJSIP/PJNATH) used for STUN processing. The issue is a buffer overread that occurs when parsing a specially crafted STUN message containing an unknown attribute, as described in the CVE entry. The vulnerability applies to applications using STUN featur...
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
CVE-2022-23537
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...
PT-2022-6027 · Pjsua-Lib +6 · Pjsua-Lib +6
Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to 2.13.1 Description: The issue is related to a buffer overread that can occur when parsing a specially crafted STUN message with an unknown attribute. This can affect applications that use STUN, including PJNATH and...
UBUNTU-CVE-2022-42705
A use-after-free in respjsippubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk denial of service by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing...
Stack Buffer Overflow
pjproject, edge is vulnerable to stack buffer overflow. The vulnerability exists because pjsip users that use STUN in their applications, either by: setting a STUN server in their account/media config in pjsua/pjsua2 level, or directly using pjlib-util/stunsimple api...
Debian dla-3194 : asterisk - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3194 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3194-1 [email protected]...
Debian DSA-5285-1 : asterisk - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5285 advisory. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...
The vulnerability of the PJSIP multimedia communication library arises from the improper switching of multimedia transport mechanisms from SRTP to the basic RTP after SRTP is restarted. This allows an intruder to gain unauthorized access to protected information.
The vulnerability of the PJSIP multimedia communication library is related to the improper switching of multimedia transport mechanisms from SRTP to the basic RTP after SRTP is restarted. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected informatio...
ROS-20221103-02
PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...
PJSIP: Multiple Vulnerabilities
Background PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Description Multiple vulnerabilities have been discovered in PJSIP. Please review the CVE identifiers referenced belo...
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-37 PJSIP: Multiple Vulnerabilities - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before...
Information Disclosure
libpjsip.so is vulnerable to information disclosure. The vulnerability exists during packet processing in the function srtprtpcb in transportsrtp.c because PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart which allows an attacker to gain access to...