
6 matches found

Redos
added 2025/08/12 12:0 a.m., 3 views

ROS-20250812-06

A vulnerability in the Sofia-SIP user agent library for the Session Initiation Protocol is related to the ability to write outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code by sending specially crafted STUN packets. The...

CVSS 9.8, AI score 8.4, EPSS 0.0366
Exploits: 5
OSV
added 2023/10/24 6:43 a.m., 2 views

USN-6448-1 sofia-sip vulnerability

Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 7.1, EPSS 0.01056
Exploits: 0, References: 2
CNNVD
added 2023/05/26 12:0 a.m., 4 views

Sofia-SIP input validation error vulnerability

Sofia-SIP is an open source SIP user agent library from the individual developers of freeswitch that conforms to the IETF RFC3261 specification. A security vulnerability exists in Sofia-SIP versions prior to 1.13.15, which stems from a lack of attribute length checking when Sofia-SIP processes ST...

CVSS 7.5, AI score 7.2, EPSS 0.01056
Exploits: 0, References: 6
CNNVD
added 2022/12/23 12:0 a.m., 3 views

PJSIP buffer error vulnerability

PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a security vulnerability that stems from the possibility of overwriting buffers when it parses STUN messages...

CVSS 9.8, AI score 8.2, EPSS 0.00945
Exploits: 0, References: 9
RedHat Linux
added 2020/07/14 11:37 a.m., 1 view

Mozilla: Use-After-Free when trying to connect to a STUN server

The Mozilla Foundation Security Advisory describes this flaw as: When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash...

CVSS 9.3, AI score 7.3, EPSS 0.01859
Exploits: 1, References: 5
BDU FSTEC
added 2016/07/05 12:0 a.m., 6 views

A vulnerability in the Pidgin instant messaging system allows a remote attacker to cause a denial of service.

The Pidgin software contains a vulnerability in its component designed to work with the STUN protocol. Exploiting this vulnerability allows a remote attacker to cause a denial of service by manipulating the software's sockets...

CVSS 5, AI score 5.5, EPSS 0.02227
Exploits: 0, References: 4, Affected Software: 1