Lucene search
K

29 matches found

Prion
Prion
added 2016/12/12 9:59 p.m.10 views

Code injection

An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashe...

5CVSS7.2AI score0.02613EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2016/12/12 9:59 p.m.14 views

CVE-2016-9937

An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashe...

7.5CVSS7.5AI score0.02613EPSS
Exploits0References6
OSV
OSV
added 2016/12/12 9:59 p.m.7 views

CVE-2016-9937

An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashe...

7.5CVSS6.9AI score
Exploits0References6
CVE
CVE
added 2016/12/12 9:0 p.m.61 views

CVE-2016-9937

CVE-2016-9937 affects Asterisk Open Source versions 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. When an SDP offer/answer contains Opus and parameters separated by spaces, the Opus SDP parser recurses and crashes, causing a denial of service. The issue is remote and unauthenticated,...

7.5CVSS7.5AI score0.02613EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2016/12/12 9:0 p.m.21 views

CVE-2016-9937

An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashe...

7.5CVSS7.4AI score0.02613EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/12 12:0 a.m.16 views

FreeBSD : asterisk -- Crash on SDP offer or answer from endpoint using Opus (9e6640fe-be3a-11e6-b04f-001999f8d30b)

The Asterisk project reports : If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashes. This occurs as the code does not properly handle spaces separating the...

5.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2016/12/09 12:0 a.m.19 views

Asterisk SDP Offer DoS Vulnerability (AST-2016-008)

Asterisk is prone to a SDP offer denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.5AI score0.02613EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2016/11/11 12:0 a.m.22 views

asterisk -- Crash on SDP offer or answer from endpoint using Opus

The Asterisk project reports: If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashes. This occurs as the code does not properly handle spaces separating the...

1.4AI score
Exploits0References1
NVD
NVD
added 2013/02/23 9:55 p.m.19 views

CVE-2013-0899

Integer overflow in the padding implementation in the opuspacketparseimpl function in src/opusdecoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of...

5CVSS6.4AI score0.01509EPSS
Exploits0References8
Rows per page
Query Builder