Buffer overflow in Asterisk Open_source

CVE-2013-2685

Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Proto…

Vulnerability class: Buffer Overflow

EPSS: 0.026 (83.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References