exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2006-4346

больше 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

CVSS2: 7.5

EPSS: Низкий

CVE-2006-4346

больше 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

CVSS2: 7.5

EPSS: Низкий

CVE-2006-4346

больше 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to det ...

CVSS2: 7.5

EPSS: Низкий

GHSA-669m-w7rg-f3xx

почти 4 года назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.	CVSS2: 7.5	2% Низкий	больше 19 лет назад
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.	CVSS2: 7.5	2% Низкий	больше 19 лет назад
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to det ...	CVSS2: 7.5	2% Низкий	больше 19 лет назад
GHSA-669m-w7rg-f3xx Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.		2% Низкий	почти 4 года назад

Уязвимостей на страницу