CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
EPSS
Percentile
95.0%
Emmanouel Kellenis reports a denial of service vulnerability
within asterisk. The vulnerability is caused by a buffer
overflow in “format_jpeg.c”. A large JPEG image could
trigger this bug, potentially allowing a local attacker to
execute arbitrary code.