3 matches found
OESA-2026-2682 sofia-sip security update
Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...
PT-2023-23716
Name of the Vulnerable Software and Affected Versions Sofia-SIP versions prior to 1.13.15 Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Several potential heap-over-flow and integer-overflow vulnerabilities were found in stun parse...
UBUNTU-CVE-2023-22741
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP lacks both message length and attributes length checks when it handles STUN packets, leading to controllable heap-over-flow. For example, in stunparseattribute, after ...