Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x prior to 11.14.2, 12.x prior to 12.7.2, and 13.x prior to 13.0.2 and Certified Asterisk 11.6 prior to 11.6-cert9 allows remote malicious users to cause a denial of service (crash) by sending a zero length frame after a non-zero length frame.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
digium certified asterisk 11.6 |
||
digium certified asterisk 11.6.0 |
||
digium asterisk 12.7.0 |
||
digium asterisk 12.4.0 |
||
digium asterisk 13.0.0 |
||
digium asterisk 12.7.1 |
||
digium asterisk 12.5.0 |
||
digium asterisk 12.2.0 |
||
digium asterisk 12.1.0 |
||
digium asterisk 11.14.0 |
||
digium asterisk 11.13.0 |
||
digium asterisk 11.10.0 |
||
digium asterisk 11.9.0 |
||
digium asterisk 11.8.0 |
||
digium asterisk 11.7.0 |
||
digium asterisk 11.5.0 |
||
digium asterisk 11.4.0 |
||
digium asterisk 11.2.0 |
||
digium asterisk 11.0.0 |
||
digium asterisk 12.3.0 |
||
digium asterisk 11.12.0 |
||
digium asterisk 11.6.0 |
||
digium asterisk 11.1.0 |
||
digium asterisk 12.6.0 |
||
digium asterisk 12.0.0 |
||
digium asterisk 11.11.0 |
||
digium asterisk 13.0.1 |
||
digium asterisk 11.3.0 |
Vulmon