Lucene search

MitreCVE-2006-1827

HistoryApr 18, 2006 - 8:02 p.m.

CVE-2006-1827

2006-04-1820:02:00

mitre

web.nvd.nist.gov

cve

asterisk

integer signedness error

buffer overflow

nvd

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.102

Percentile

95.0%

JSON

Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.

Affected configurations

Nvd

Node

digiumasteriskRange≤1.2.6

digiumasteriskMatch0.1.0

digiumasteriskMatch0.1.1

digiumasteriskMatch0.1.2

digiumasteriskMatch0.1.3

digiumasteriskMatch0.1.4

digiumasteriskMatch0.1.5

digiumasteriskMatch0.1.6

digiumasteriskMatch0.1.7

digiumasteriskMatch0.1.8

digiumasteriskMatch0.1.9

digiumasteriskMatch0.1.9.1

digiumasteriskMatch0.1.10

digiumasteriskMatch0.1.11

digiumasteriskMatch0.1.12

digiumasteriskMatch0.2

digiumasteriskMatch0.2.0

digiumasteriskMatch0.3

digiumasteriskMatch0.3.0

digiumasteriskMatch0.4

digiumasteriskMatch0.4.0

digiumasteriskMatch0.5.0

digiumasteriskMatch0.7.0

digiumasteriskMatch0.7.1

digiumasteriskMatch0.7.2

digiumasteriskMatch1.0.0

digiumasteriskMatch1.0.1

digiumasteriskMatch1.0.2

digiumasteriskMatch1.0.3

digiumasteriskMatch1.0.4

digiumasteriskMatch1.0.5

digiumasteriskMatch1.0.6

digiumasteriskMatch1.0.7

digiumasteriskMatch1.0.8

digiumasteriskMatch1.0.9

digiumasteriskMatch1.0_rc1

digiumasteriskMatch1.0_rc2

digiumasteriskMatch1.2.0_beta1

VendorProductVersionCPE
digiumasterisk*cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
digiumasterisk0.1.0cpe:2.3:a:digium:asterisk:0.1.0:*:*:*:*:*:*:*
digiumasterisk0.1.1cpe:2.3:a:digium:asterisk:0.1.1:*:*:*:*:*:*:*
digiumasterisk0.1.2cpe:2.3:a:digium:asterisk:0.1.2:*:*:*:*:*:*:*
digiumasterisk0.1.3cpe:2.3:a:digium:asterisk:0.1.3:*:*:*:*:*:*:*
digiumasterisk0.1.4cpe:2.3:a:digium:asterisk:0.1.4:*:*:*:*:*:*:*
digiumasterisk0.1.5cpe:2.3:a:digium:asterisk:0.1.5:*:*:*:*:*:*:*
digiumasterisk0.1.6cpe:2.3:a:digium:asterisk:0.1.6:*:*:*:*:*:*:*
digiumasterisk0.1.7cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*
digiumasterisk0.1.8cpe:2.3:a:digium:asterisk:0.1.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
digium	asterisk	*	cpe:2.3:a:digium:asterisk::::::::
digium	asterisk	0.1.0	cpe:2.3:a:digium:asterisk:0.1.0:::::::*
digium	asterisk	0.1.1	cpe:2.3:a:digium:asterisk:0.1.1:::::::*
digium	asterisk	0.1.2	cpe:2.3:a:digium:asterisk:0.1.2:::::::*
digium	asterisk	0.1.3	cpe:2.3:a:digium:asterisk:0.1.3:::::::*
digium	asterisk	0.1.4	cpe:2.3:a:digium:asterisk:0.1.4:::::::*
digium	asterisk	0.1.5	cpe:2.3:a:digium:asterisk:0.1.5:::::::*
digium	asterisk	0.1.6	cpe:2.3:a:digium:asterisk:0.1.6:::::::*
digium	asterisk	0.1.7	cpe:2.3:a:digium:asterisk:0.1.7:::::::*
digium	asterisk	0.1.8	cpe:2.3:a:digium:asterisk:0.1.8:::::::*