Heap overflow

2011-03-1517:55:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

0.931 High

EPSS

Percentile

99.1%

JSON

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.

CPENameOperatorVersion
asteriskeq1.4.37 rc1
asteriskeq1.4.26.3
asteriskeq1.4.22 rc3
asteriskeq1.4.27 rc2
asteriskeq1.4.36 rc1
asteriskeq1.4.26 rc4
asteriskeq1.4.28
asteriskeq1.4.27 rc1
asteriskeq1.4.27.1
asteriskeq1.4.26 rc5

Name	Operator	Version
asterisk	eq	1.4.37 rc1
asterisk	eq	1.4.26.3
asterisk	eq	1.4.22 rc3
asterisk	eq	1.4.27 rc2
asterisk	eq	1.4.36 rc1
asterisk	eq	1.4.26 rc4
asterisk	eq	1.4.28
asterisk	eq	1.4.27 rc1
asterisk	eq	1.4.27.1
asterisk	eq	1.4.26 rc5