Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-6104

Malware in sbrugna...

7.5CVSS7.6AI score0.03156EPSS
Exploits0References5
Prion
Prion
added 2017/10/10 1:30 a.m.17 views

Design/Logic Flaw

In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetricrtp" options allow...

5CVSS7.6AI score0.03156EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/10/10 1:30 a.m.3 views

UBUNTU-CVE-2017-14603

In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetricrtp" options allow...

7.5CVSS7.3AI score0.03156EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2017/09/28 12:0 a.m.3 views

Digium Asterisk RTP Stack Information Disclosure (CVE-2017-14099)

An information disclosure vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of incoming RTP/RTCP packets when the chansip and chanpjsip channel drivers are configured to use NAT and Symmetric-RTP respectively...

5CVSS1.6AI score0.0433EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/09/02 4:29 p.m.23 views

CVE-2017-14099

In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...

7.5CVSS7.1AI score0.0433EPSS
Exploits0References7
Prion
Prion
added 2017/09/02 4:29 p.m.24 views

Design/Logic Flaw

In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...

5CVSS7.2AI score0.0433EPSS
Exploits0References7Affected Software2
Debian CVE
Debian CVE
added 2017/09/02 4:0 p.m.18 views

CVE-2017-14099

In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...

7.5CVSS7.6AI score0.0433EPSS
Exploits0
Rows per page
Query Builder