Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Asterisk 基于栈的缓冲区溢出漏洞
Vulnerability Description
Digium Asterisk是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Asterisk Open Source 11.2.2之前的11.x版本中的res/res_format_attr_h264.c中存在基于栈的缓冲区溢出漏洞。通过SIP Session Description Protocol (SDP)头中较长的sprop-parameter-sets H.264媒体属性,远程攻击者利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A