Lucene search
Redhat.comRH:CVE-2018-7284HistoryMay 20, 2022 - 11:49 p.m.
CVE-2018-7284
2022-05-2023:49:53
redhat.com
access.redhat.com
23
0.787 High
EPSS
Percentile
98.3%
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash.
Related
prion
prion
Buffer overflow
2018-02-22 00:29:00
cvelist
cvelist
CVE-2018-7284
2018-02-22 00:00:00
exploitpack
exploitpack
Asterisk chan_pjsip 15.2.0 - SUBSCRIBE Stack Corruption
2018-02-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk Out-of-Bounds Write (CVE-2018-7284)
2018-05-02 00:00:00
osv
osv
CVE-2018-7284
2018-02-22 00:29:01
asterisk - security update
2018-10-16 00:00:00
debiancve
debiancve
CVE-2018-7284
2018-02-22 00:29:01
packetstorm
packetstorm
Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption
2018-02-26 00:00:00
nvd
nvd
CVE-2018-7284
2018-02-22 00:29:01
ubuntucve
ubuntucve
CVE-2018-7284
2018-02-22 00:00:00
cve
cve
CVE-2018-7284
2018-02-22 00:29:01
zdt
zdt
Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption Exploit
2018-02-27 00:00:00
exploitdb
exploitdb
Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
2018-02-27 00:00:00
nessus
nessus
freebsd
freebsd
asterisk -- multiple vulnerabilities
2018-02-21 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities
2018-02-22 00:00:00
Debian: Security Advisory (DSA-4320-1)
2018-10-15 00:00:00
debian
debian
[SECURITY] [DSA 4320-1] asterisk security update
2018-10-16 21:54:17