CVE-2007-2293

Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:asterisk:asterisk:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.4_beta:*:*:*:*:*:*:*

Information

Published : 2007-04-26 13:19

Updated : 2018-10-16 09:43


NVD link : CVE-2007-2293

Mitre link : CVE-2007-2293


JSON object : View

Advertisement

dedicated server usa

Products Affected

asterisk

  • asterisk