Buffer overflow in Asterisk Open_source
CVE-2012-2415
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possi…
Vulnerability class: Buffer Overflow
EPSS: 0.027 (84.2th percentile) — read the EPSS interpretation.
Affected products
- Asterisk Open_source — versions 1.6.2.0, 1.6.2.1, 1.6.2.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)