Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-3762
HistoryJul 18, 2007 - 5:30 p.m.

CVE-2007-3762

2007-07-1817:30:00
[email protected]
web.nvd.nist.gov
1

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.185 Low

EPSS

Percentile

96.2%

JSON

Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.

Affected configurations

NVD
Node
asteriskasteriskMatch1.0
OR
asteriskasteriskMatch1.0.6
OR
asteriskasteriskMatch1.0.7
OR
asteriskasteriskMatch1.0.8
OR
asteriskasteriskMatch1.0.9
OR
asteriskasteriskMatch1.0.10
OR
asteriskasteriskMatch1.0.11
OR
asteriskasteriskMatch1.0.12
OR
asteriskasteriskMatch1.2.0_beta1
OR
asteriskasteriskMatch1.2.0_beta2
OR
asteriskasteriskMatch1.2.5
OR
asteriskasteriskMatch1.2.6
OR
asteriskasteriskMatch1.2.7
OR
asteriskasteriskMatch1.2.8
OR
asteriskasteriskMatch1.2.9
OR
asteriskasteriskMatch1.2.10
OR
asteriskasteriskMatch1.2.11
OR
asteriskasteriskMatch1.2.12
OR
asteriskasteriskMatch1.2.13
OR
asteriskasteriskMatch1.2.14
OR
asteriskasteriskMatch1.2.15
OR
asteriskasteriskMatch1.2.16
OR
asteriskasteriskMatch1.2.17
OR
asteriskasteriskMatch1.4.1
OR
asteriskasteriskMatch1.4.2
OR
asteriskasteriskMatch1.4.4_2007-04-27
OR
asteriskasteriskMatch1.4_beta
OR
asteriskasteriskMatchabusiness
OR
asteriskasteriskMatchb.1.3.2business
OR
asteriskasteriskMatchb.1.3.3business
OR
asteriskasteriskMatchb.2.2.0business
OR
asteriskasterisk_appliance_developer_kitRange≀0.4
OR
asteriskasterisknowMatchbeta_5
OR
asteriskasterisknowMatchbeta_6
Node
asterisks800i_applianceMatch1.0
OR
asterisks800i_applianceMatch1.0.1

Related

securityvulns 2
cvelist 1
ubuntucve 1
cve 1
debiancve 1
prion 1
seebug 1
nessus 3
openvas 4
gentoo 1
osv 1
debian 1
securityvulns
securityvulns
ASA-2007-014: Stack buffer overflow in IAX2 channel driver
2007-07-19 00:00:00
Asterisk VoIP server multiple security vulnerabilities
2007-07-19 00:00:00
cvelist
cvelist
CVE-2007-3762
2007-07-18 17:00:00
ubuntucve
ubuntucve
CVE-2007-3762
2007-07-18 00:00:00
cve
cve
CVE-2007-3762
2007-07-18 17:30:00
debiancve
debiancve
CVE-2007-3762
2007-07-18 17:30:00
prion
prion
Stack overflow
2007-07-18 17:30:00
seebug
seebug
Asterisk IAX2ιš§ι“ι©±εŠ¨IAX2_Writeε‡½ζ•°θΏœη¨‹ζ ˆζΊ’ε‡ΊζΌζ΄ž
2007-07-22 00:00:00
nessus
nessus
openSUSE 10 Security Update : asterisk (asterisk-3977)
2007-10-17 00:00:00
GLSA-200802-11 : Asterisk: Multiple vulnerabilities
2008-02-27 00:00:00
Debian DSA-1358-1 : asterisk - several vulnerabilities
2007-08-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200802-11 (asterisk)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200802-11 (asterisk)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1358-1)
2008-01-17 00:00:00
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2008-02-26 00:00:00
osv
osv
asterisk
2007-08-26 00:00:00
debian
debian
[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities
2007-08-26 08:04:07

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.185 Low

EPSS

Percentile

96.2%

JSON
Related for NVD:CVE-2007-3762
securityvulns2cvelist1ubuntucve1cve1debiancve1prion1seebug1nessus3openvas4gentoo1osv1debian1