108 matches found
file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header
Impact A denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value becomes negative -24, causing tokenizer.ignorepayload to move the rea...
PT-2026-24463
file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value...
EUVD-2021-19403
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-32558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before...
[SECURITY] [DLA 2729-1] asterisk security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2729-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 04, 2021 https://wiki.debian.org/LTS -...
CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
DEBIAN-CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
ALPINE-CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
UBUNTU-CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
Design/Logic Flaw
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
CVE-2021-32558
The CVE-2021-32558 issue affects Sangoma Asterisk and Certified Asterisk: IAX2 channel driver may crash when receiving a packet with an unsupported media format. Affected versions include Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, 18.x before 18.5.1, and Certified Aste...
CVE-2021-32558
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
Asterisk Multiple DoS Vulnerabilities (AST-2021-008, AST-2021-009)
Asterisk is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
asterisk -- Remote crash when using IAX2 channel driver
The Asterisk project reports: If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk...
MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12: July 9, 2013
MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 wmvdmod.dll, and for Windows Media Player 11 and 12: July 9, 2013 INTRODUCTION Microsoft has released security bulletin MS13-057. To view the complete security bulletin, visit one of the following Microsoft...
Asterisk chan_pjsip 15.2.0 - SDP Denial of Service
Asterisk chanpjsip 15.2.0 - SDP Denial of Service ''' Segmentation fault occurs in Asterisk with an invalid SDP media format description - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-002 - Enable Security Advisory...
Asterisk 15.2.0 chan_pjsip SDP Media Format Denial Of Service
Segmentation fault occurs in Asterisk with an invalid SDP media format description - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-002 - Enable Security Advisory: - Vendor Advisory: - Tested vulnerable versions:...