Lucene search
K

34 matches found

CVE
CVE
added 2018/05/30 8:0 p.m.59 views

CVE-2018-11518

CVE-2018-11518 describes a phreaking attack on HCL legacy IVR systems that do not use VoIP. The vulnerability arises from handling of audio-frequency signals (DTMF) within a phone call, where an attacker can record the tones and trigger a service activation. The issue is a request-forgery : if th...

8.1CVSS7.9AI score0.0142EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/05/30 8:0 p.m.21 views

CVE-2018-11518

A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can...

8AI score0.0142EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.31 views

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2018:0361-1)

This update for MozillaFirefox to version ESR 52.6 fixes several issues. These security issues were fixed : - CVE-2018-5091: Use-after-free with DTMF timers bsc1077291. - CVE-2018-5095: Integer overflow in Skia library during edge builder allocation bsc1077291. - CVE-2018-5096: Use-after-free whi...

9.8CVSS7.5AI score0.07262EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2018/01/24 5:21 a.m.25 views

CVE-2018-5091

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Firefox 58...

9.8CVSS3.4AI score0.03393EPSS
Exploits0References2
Mozilla
Mozilla
added 2018/01/23 12:0 a.m.518 views

Security vulnerabilities fixed in Firefox ESR 52.6 — Mozilla

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This...

9.8CVSS0.07262EPSS
Exploits0References11Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/23 12:0 a.m.27 views

CVE-2018-5091

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Firefox 58...

9.8CVSS7.2AI score0.03393EPSS
Exploits0References3
securityvulns
securityvulns
added 2012/04/24 12:0 a.m.35 views

AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver

Asterisk Project Security Advisory - AST-2012-005 Product Asterisk Summary Heap Buffer Overflow in Skinny Channel Driver Nature of Advisory Exploitable Heap Buffer Overflow Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On March 26, 2012 Reported By Russell...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/15 6:58 p.m.14 views

Phone Phreaking using Bluebox Demonstrated in India

Phone Phreaking using Bluebox Demonstrated in India Christy Philip Mathew, an Indian Information Security Instructor and Hacker demonstrated Phone Phreaking using Bluebox in his lab. This time we have something really special that would remind us the phone phreaking. Actually Phone Phreaking...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2012/04/09 9:39 a.m.18 views

A DTMF-based IVR application that is developed by using Lync Server 2010, UCMA 3.0 Workflow APIs crashes

Fixes an issue in which a DTMF-based IVR application crashes when a user barges-in multiple times with invalid DTMF digits or barges-in to request help. This issue occurs if the application is developed by using Lync Server 2010, UCMA 3.0 Workflow APIs.SymptomsConsider the following scenario: You...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/07 1:29 p.m.10 views

Moshi Moshi : VoIP bot written in Python

Moshi Moshi : VoIP bot written in Python Moshi Moshi is a VoIP Bot written in Python that uses SIP as VoIP Protocol, Text-to-speech engines for Output, and DTMF Tones for Input. It is part of a talk "Sounds Like Botnet" given at DEF CON 19 and BSidesLV 2011 on VoIP Botnets by Itzik Kotler and...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2011/08/03 10:58 p.m.14 views

Telephone Line Voice Scanner

This module dials a range of phone numbers and records audio from each answered call This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'fileutils' class MetasploitModule 'Telephone Line Voice Scanner',...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/05/17 12:0 a.m.22 views

Fedora 14 : asterisk-1.6.2.18-1.fc14 (2011-6225)

The Asterisk Development Team has announced the release of Asterisk 1.6.2.18. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.6.2.18 resolves several issues reported by the community and would have not been possib...

9CVSS5.6AI score0.0313EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2011/05/09 12:0 a.m.34 views

Fedora 13 : asterisk-1.6.2.18-1.fc13 (2011-6208)

The Asterisk Development Team has announced the release of Asterisk 1.6.2.18. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.6.2.18 resolves several issues reported by the community and would have not been possib...

9CVSS5.6AI score0.0313EPSS
Exploits0References15
securityvulns
securityvulns
added 2006/07/03 12:0 a.m.52 views

Current Versions Release History

Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...

7.9AI score
Exploits0
Rows per page
Query Builder