Buffer overflow in Asterisk Certified_asterisk

CVE-2013-2686

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphon…

Vulnerability class: Buffer Overflow

EPSS: 0.021 (79.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References