189 matches found
UBUNTU-CVE-2022-24764
PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API pjmediasdpprint, pjmediasdpmediaprint. Applications that do not use PJSUA2 and do not directly...
PT-2022-2681 · Pjsip +4 · Pjsip +4
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.12 and prior Description: The issue is related to a stack buffer overflow vulnerability in the PJSIP multimedia communication library, specifically affecting users of PJSUA2 or those who call the API endpoints pjmedia sdp pri...
PJSIP 安全漏洞
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.12 and earlier versions that stems from a stack-based buffer overflow vulnerability in...
Qualcomm 封闭源组件安全漏洞
A security vulnerability exists in the Qualcomm Closed Source component that stems from the absence of a NULL termination check on the SDP, which may result in a buffer over-read when parsing received SDP values...
Qualcomm 封闭源组件 安全漏洞
The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides the functionality of Qualcomm devices. A security vulnerability exists in the Qualcomm Closed Source Component that stems from the absence of a NULL termination check on the SDP, where a buffer...
ALPINE-CVE-2021-26906
An issue was discovered in respjsipsession.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...
DEBIAN-CVE-2021-26906
An issue was discovered in respjsipsession.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash...
ALPINE-CVE-2021-26717
An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this...
Digium Asterisk Security Vulnerability
Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in Digium Asterisk. The vulnerability stems from allowing a...
PT-2021-17165 · Asterisk +2 · Asterisk +2
Name of the Vulnerable Software and Affected Versions: Asterisk versions 13.38.1 and earlier, 14.x, 15.x, 16.x through 16.16.0, 17.x through 17.9.1, and 18.x through 18.2.0 Certified Asterisk versions 16.8-cert5 and earlier Description: An issue in res pjsip session.c allows a remote server to...
Wave-Share - Serverless, Peer-To-Peer, Local File Sharing Through Sound
A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol SDP data via a sequence of audio tones. Upon successful...
Meetecho Janus Buffer Overflow Vulnerability (CNVD-2020-53119)
Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. A buffer overflow vulnerability exists in the 'janusstreamingrtspparsesdp' function in the plugins/janusstreaming.c file in Meetecho Janus 0.10.0 and earlier versions, which originates when the program fails to properly...
DEBIAN-CVE-2020-14033
An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusstreamingrtspparsesdp in plugins/janusstreaming.c has a Buffer Overflow via a crafted RTSP server...
DEBIAN-CVE-2020-14034
An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP Offer packet...
UBUNTU-CVE-2020-14034
An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusgetcodecfrompt in utils.c has a Buffer Overflow via long value in an SDP Offer packet...
DEBIAN-CVE-2020-13898
An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janussdpprocess in sdp.c has a NULL pointer dereference...
The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory, allowing an attacker to trigger a service failure and execute arbitrary code.
The vulnerability of the VoIP device Mitel MiVoice 5330e arises from an operation that goes beyond the buffer in memory during the processing of SIP/SDP packets. Exploiting this vulnerability allows a malicious actor to cause service failures and execute arbitrary codes...
DEBIAN-CVE-2019-13161
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...
UBUNTU-CVE-2019-13161
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...
CVE-2019-13161
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...