693 matches found
Code injection
In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash...
CVE-2017-14098
In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash...
CVE-2017-14098
CVE-2017-14098 affects the Asterisk pjsip channel driver (res_pjsip). A specially crafted tel URI in a From, To, or Contact header can cause Asterisk to crash. Affected versions are Asterisk 13.x prior to 13.17.1 and 14.x prior to 14.6.1. The vulnerability is demonstrated by crash behavior withou...
CVE-2017-14098
In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash...
CVE-2017-14098
In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash...
Digium Asterisk Denial of Service Vulnerability (CNVD-2017-30817)
Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail , multi-party voice conferencing , interactive voice response IVR , etc. pjsip channel driver respjsip is one of the pjsip driver . A security vulnerability exists in t...
Debian: Security Advisory (DSA-3933-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Buffer overflow
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
UBUNTU-CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service buffer overflow and application crash via a SIP packet with a crafted CSeq header in conjunction...
CVE-2017-9372
The CVE-2017-9372 entry affects PJSIP/PJProject used in Asterisk Open Source (13.x before 13.15.1, 14.x before 14.4.1) and Certified Asterisk (13.13 before 13.13-cert4). The issue allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a ...
CVE-2017-9372
Removed by vendor...
CVE-2017-9359
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...
Out-of-bounds
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...
CVE-2017-9359
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...
CVE-2017-9359
CVE-2017-9359 affects the PJProject/PJSIP multi-part body parser used by Asterisk Open Source (13.x prior to 13.15.1; 14.x prior to 14.4.1) and Certified Asterisk (and other products). The vulnerability arises in the body parser handling crafted packets, allowing remote attackers to cause a denia...
CVE-2017-9359
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...