CVE-2007-3762

Published: 18/07/2007 Updated: 29/07/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk prior to 1.2.22 and 1.4.x prior to 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit prior to 0.5.0, and s800i prior to 1.0.2 allows remote malicious users to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.

Vulnerable Product

asterisk asterisk 1.0.6

asterisk asterisk 1.0.7

asterisk asterisk 1.2.12

asterisk asterisk 1.2.13

asterisk asterisk 1.2.8

asterisk asterisk 1.2.9

asterisk asterisk b.1.3.3

asterisk asterisk b.2.2.0

asterisk asterisk 1.0

asterisk asterisk 1.0.10

asterisk asterisk 1.2.0_beta1

asterisk asterisk 1.0.11

asterisk asterisk 1.0.12

asterisk asterisk 1.2.10

asterisk asterisk 1.2.11

asterisk asterisk 1.2.5

asterisk asterisk 1.2.6

asterisk asterisk 1.2.7

asterisk asterisk a

asterisk asterisk b.1.3.2

asterisk asterisk 1.2.0_beta2

asterisk asterisk 1.2.16

asterisk asterisk 1.2.17

asterisk asterisk 1.4.4_2007-04-27

asterisk asterisk 1.4_beta

asterisk asterisk appliance developer kit

asterisk asterisk 1.0.8

asterisk asterisk 1.0.9

asterisk asterisk 1.2.14

asterisk asterisk 1.2.15

asterisk asterisk 1.4.1

asterisk asterisk 1.4.2

asterisk asterisknow beta_5

asterisk asterisknow beta_6

asterisk s800i appliance 1.0

asterisk s800i appliance 1.0.1

Vendor Advisories

Debian Bug report logs - #419820 CVE-2007-1594: Asterisk segfaults upon receipt of a certain SIP packet (SIP Response code 0). Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>; Source for asterisk is src:asterisk. Reported by: Frédéric Brière ...
Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1306 Mu Security discovered that a NULL pointer dereference in the SIP implementation could lead to denial of service. CVE-2007-1561 Inr ...