exploitDog

CVE-2013-2238

Опубликовано: 30 сент. 2013

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.

Ссылки

http://jira.freeswitch.org/browse/FS-5566
Exploit
Patch
http://www.openwall.com/lists/oss-security/2013/07/04/4
Patch
http://jira.freeswitch.org/browse/FS-5566
Exploit
Patch
http://www.openwall.com/lists/oss-security/2013/07/04/4
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freeswitch:freeswitch:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02359

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2013-2238

debian

больше 12 лет назад

Multiple buffer overflows in the switch_perform_substitution function ...

GHSA-hhwm-5rv2-8r77

github

больше 3 лет назад

Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.

EPSS

Процентиль: 85%

0.02359

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119