CVE-2019-15639

Опубликовано: 09 сент. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.

Ссылки

http://downloads.asterisk.org/pub/security/AST-2019-005.html
Vendor Advisory
http://packetstormsecurity.com/files/154372/Asterisk-Project-Security-Advisory-AST-2019-005.html
Third Party Advisory
VDB Entry
http://downloads.asterisk.org/pub/security/AST-2019-005.html
Vendor Advisory
http://packetstormsecurity.com/files/154372/Asterisk-Project-Security-Advisory-AST-2019-005.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

Версия от 13.0.0 (включая) до 13.28.0 (включая)

cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

Версия от 16.0.0 (включая) до 16.5.0 (включая)

EPSS

Процентиль: 92%

0.088

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2019-15639

CVSS3: 7.5

ubuntu

больше 6 лет назад

main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.

CVE-2019-15639

CVSS3: 7.5

debian

больше 6 лет назад

main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remot ...

GHSA-2vj6-p9c5-8h3v

CVSS3: 7.5

github

больше 3 лет назад

main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.

EPSS

Процентиль: 92%

0.088

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20