Buffer overflow in Asterisk Certified_asterisk
CVE-2013-2686
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphon…
Vulnerability class: Buffer Overflow
EPSS: 0.021 (79.6th percentile) — read the EPSS interpretation.
Affected products
- Asterisk Certified_asterisk — versions 1.8.15, 1.8.15.0
- Asterisk Digiumphones — versions 10.0.0, 10.1.0, 10.2.0
- Asterisk Open_source — versions 1.8.0, 1.8.1, 1.8.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)