Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-18976

Published: 22/11/2019 Updated: 03/06/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in res_pjsip_t38.c in Sangoma Asterisk up to and including 13.x and Certified Asterisk up to and including 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

digium certified asterisk 13.21

digium asterisk

debian debian linux 9.0

Mailing Lists

Full Disclosure: AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
Asterisk Project Security Advisory - Product Asterisk Summary Re-invite with T38 and malformed SDP causes crash Nature of Advisory Remote Crash Susceptibility Remote Authenticated Sessions ...

References

CWE-476https://www.cybersecurity-help.cz/vdb/SB2019112218?affChecked=1https://www.asterisk.org/downloads/security-advisorieshttp://downloads.asterisk.org/pub/security/AST-2019-008.htmlhttps://packetstormsecurity.com/files/155436/Asterisk-Project-Security-Advisory-AST-2019-008.htmlhttps://seclists.org/fulldisclosure/2019/Nov/20https://lists.debian.org/debian-lts-announce/2022/04/msg00001.htmlhttps://nvd.nist.govhttp://seclists.org/fulldisclosure/2019/Nov/20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280CVE-2024-5346CVE-2024-30078CVE-2022-45803CVE-2024-36886SQLCVE-2024-24553IMAPmemory leak
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook