2 matches found
CVE-2014-2289
CVE-2014-2289 affects Asterisk Open Source 12.x prior to 12.1.0 in res/res_pjsip_exten_state.c (PJSIP channel driver). A remote authenticated user can trigger a denial of service (crash) by sending a SUBSCRIBE request without Accept headers, causing an invalid pointer dereference. The issue is fi...
AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling
Asterisk Project Security Advisory - AST-2014-004 Product Asterisk Summary Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling Nature of Advisory Denial of Service Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On January 14th, 2014...