FreeBSD : asterisk -- denial of service vulnerability, local system access (8b683bea-d49c-11da-a672-000e0c2e438a)

Emmanouel Kellenis reports a denial of service vulnerability within asterisk. The vulnerability is caused by a buffer overflow in 'formatjpeg.c'. A large JPEG image could trigger this bug, potentially allowing a local attacker to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2006-1827

Integer signedness error in formatjpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length...

CVE-2006-1827

Integer signedness error in formatjpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length...

asterisk -- denial of service vulnerability, local system access

Emmanouel Kellenis reports a denial of service vulnerability within asterisk. The vulnerability is caused by a buffer overflow in "formatjpeg.c". A large JPEG image could trigger this bug, potentially allowing a local attacker to execute arbitrary code...