693 matches found
CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
ROS-20220310-01
PJSIP multimedia communication library vulnerability is related to a boundary error in the PJSUA API during the pjsuaplaylistcreate call. Exploitation of the vulnerability could allow an attacker acting remotely, cause a stack buffer overflow and execute arbitrary code on the target system The...
PT-2022-2678 · Pjsip +4 · Pjsip +4
Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to and including 2.12 Description: The issue is a stack-buffer overflow vulnerability in the PJSIP library, which only impacts users who accept hashed digest credentials with data type PJSIP CRED DATA DIGEST. This...
FreeBSD : asterisk -- multiple vulnerabilities (964c5460-9c66-11ec-ad3a-001999f8d30b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 964c5460-9c66-11ec-ad3a-001999f8d30b advisory. - PJSIP is a free and open source multimedia communication library written in C language...
The vulnerability of the PJSIP multimedia communication library, related to a countable loss of significance, allows attackers to execute arbitrary code.
The vulnerability of the PJSIP multimedia communication library is related to a countable loss of significance during the processing of messages with the ERROR-CODE attribute. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...
Critical Bugs Reported in Popular Open Source PJSIP SIP and Media Stack
As many as five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library that could be abused by an attacker to trigger arbitrary code execution and denial-of-service DoS in applications that use the protocol stack. The weaknesses were identified and...
RCE Bugs in Hugely Popular VoIP Apps: Patch Now!
Some of the world’s most popular communication apps are using an open-source library riddled with newfound security holes. One thing this open-source, flawed library shares with the Apache Log4J logging library fiasco that started in December: It’s ubiquitous. The library, PJSIP – an open-source...
RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!
WhatsApp and BlueJeans are just two of the world’s most popular communication apps that are using an open-source library riddled with newfound security holes. One thing this open-source, flawed library shares with the Apache Log4J logging library fiasco that started in December: It’s ubiquitous...
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
DEBIAN-CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
Design/Logic Flaw
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608 Use after free in PJSIP
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608 Use after free in PJSIP
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608
CVE-2022-23608 affects PJSIP/pjproject up to version 2.11.1. In a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can be prematurely freed when a dialog is destroyed, causing the same dialog set to be registered in the hash table multiple times with different hash keys...
CVE-2022-23608 Use after free in PJSIP
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
PT-2022-1916
Name of the Vulnerable Software and Affected Versions PJSIP affected versions not specified Description The issue is related to a stack overflow in the PJSUA API when calling the pjsua player create function. An attacker-controlled filename argument may cause a buffer overflow since it is copied ...
CVE-2022-21723
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause...