2 matches found
CVE-2012-3812
CVE-2012-3812 is a double-free vulnerability in Asterisk voicemail handling that can be abused by remote authenticated users to crash the daemon when accessing both Urgent and INBOX mailboxes. Affected products and versions: Asterisk Open Source 1.8.x prior to 1.8.13.1; Asterisk Open Source 10.x ...
CVE-2012-3863
CVE-2012-3863 affects Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2 (also in various packaged releases such as Certified Asterisk and Digiumphones) due to improper handling of a provisional SIP reINVITE response in channels/chan_sip.c. This can allow remote authenticated users...