Lucene search

K

6 matches found

CVE
CVE
added 2006/04/18 8:2 p.m.88 views

CVE-2006-1827

Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.

6.4CVSS7.7AI score0.04082EPSS
CVE
CVE
added 2006/10/23 5:7 p.m.85 views

CVE-2006-5444

Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads...

7.5CVSS7.7AI score0.8691EPSS
CVE
CVE
added 2006/10/23 5:7 p.m.60 views

CVE-2006-5445

Unspecified vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk 1.2.x before 1.2.13 and 1.4.x before 1.4.0-beta3 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses ...

7.8CVSS6.4AI score0.07928EPSS
CVE
CVE
added 2006/06/07 10:2 a.m.58 views

CVE-2006-2898

The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negativ...

7.5CVSS7.9AI score0.00324EPSS
CVE
CVE
added 2006/08/24 8:4 p.m.55 views

CVE-2006-4345

Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response.

7.5CVSS7.8AI score0.05153EPSS
CVE
CVE
added 2006/08/24 8:4 p.m.44 views

CVE-2006-4346

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERI...

7.5CVSS6.9AI score0.02329EPSS