The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote malicious users to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asterisk asterisk 1.2.13 |