Asterisk@15.0.0 Security Vulnerabilities and Issues — Asterisk@15.0.0 CVE List

Lucene search

DigiumAsterisk15.0.0

4 matches found

CVE•added 2019/07/12 8:15 p.m.•378 views

CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an...

5.3CVSS5.3AI score0.02285EPSS

CVE•added 2019/07/12 8:15 p.m.•347 views

CVE-2019-12827

Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.

6.5CVSS5.6AI score0.19587EPSS

CVE•added 2019/09/09 9:15 p.m.•209 views

CVE-2019-15297

res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.

6.5CVSS6.1AI score0.02295EPSS

CVE•added 2019/03/28 5:29 p.m.•90 views

CVE-2019-7251

An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.

6.5CVSS6AI score0.04411EPSS