Published: 18/09/2012 Updated: 25/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x prior to 1.4.44, 1.6.x prior to 1.6.2.23, 1.8.x prior to 1.8.10.1, and 10.x prior to 10.2.1, when the o option is used and the internal_timing option is off, allows remote malicious users to cause a denial of service (application crash) via a large number of samples in an audio packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
digium asterisk
debian debian linux 6.0

Debian Bug report logs - #664411 [CVE-2012-1183 - CVE-2012-1184] Asterisk: AST-2012-002 and AST-2012-003 flaws Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Luciano Bello <luciano@debian ...

Debian Bug report logs - #670180 CVE-2012-2414 CVE-2012-2415 CVE-2012-2416 Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 23 Apr 2012 18 ...

Several vulnerabilities were discovered in the Asterisk PBX and telephony toolkit: CVE-2012-1183 Russell Bryant discovered a buffer overflow in the Milliwatt application CVE-2012-2414 David Woolley discovered a privilege escalation in the Asterisk manager interface CVE-2012-2415 Russell Bryant discovered a buffer overflow in ...

CWE-119 http://www.asterisk.org/node/51797 http://downloads.asterisk.org/pub/security/AST-2012-002-1.8.diff http://www.securityfocus.com/bid/52523 http://securitytracker.com/id?1026812 http://secunia.com/advisories/48417 http://osvdb.org/80125 http://www.openwall.com/lists/oss-security/2012/03/16/10 http://archives.neohapsis.com/archives/bugtraq/2012-03/0069.html http://downloads.asterisk.org/pub/security/AST-2012-002.pdf http://www.openwall.com/lists/oss-security/2012/03/16/17 http://www.debian.org/security/2012/dsa-2460 http://secunia.com/advisories/48941 https://exchange.xforce.ibmcloud.com/vulnerabilities/74082 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411 https://www.debian.org/security/./dsa-2460

CVE-2012-1183

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect