CVE-2012-3863
CVE-2012-3863 affects Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2 (also in various packaged releases such as Certified Asterisk and Digiumphones) due to improper handling of a provisional SIP reINVITE response in channels/chan_sip.c. This can allow remote authenticated users...