exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2006-4346

около 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

CVSS2: 7.5

EPSS: Низкий

CVE-2006-4346

около 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

CVSS2: 7.5

EPSS: Низкий

CVE-2006-4346

около 19 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to det ...

CVSS2: 7.5

EPSS: Низкий

GHSA-669m-w7rg-f3xx

больше 3 лет назад

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.	CVSS2: 7.5	2% Низкий	около 19 лет назад
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.	CVSS2: 7.5	2% Низкий	около 19 лет назад
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to det ...	CVSS2: 7.5	2% Низкий	около 19 лет назад
GHSA-669m-w7rg-f3xx Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable.		2% Низкий	больше 3 лет назад

Уязвимостей на страницу