CVE-2014-9374: CVE-2014-9374

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-9374

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2, and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9 allows remote attackers to cause a denial of service (crash) by sending a zero length frame after a non-zero length frame.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Digium Asterisk Open Source和Certified Asterisk 双重释放漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Digium Asterisk Open Source和Certified Asterisk都是美国Digium公司的开源电话交换机（PBX）系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。PJSIP是其中的一个多媒体通信库。multi-part body parser是其中的一个解析器。 Digium Asterisk Open Source和Certified Asterisk的WebSocket Server(res_http_websocket module)中存在双重释放

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-9374

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-9374

Please Login to view more intelligence information

http://advisories.mageia.org/MGASA-2015-0010.htmlx_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2014-019.htmlx_refsource_CONFIRM
http://packetstormsecurity.com/files/129473/Asterisk-Project-Security-Advisory-AST-2014-019.htmlx_refsource_MISC
http://secunia.com/advisories/60251third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/71607vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1031345vdb-entryx_refsource_SECTRACK
http://www.mandriva.com/security/advisories?name=MDVSA-2015:018vendor-advisoryx_refsource_MANDRIVA
http://www.securityfocus.com/archive/1/534197/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://seclists.org/fulldisclosure/2014/Dec/48mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2014-9374

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2014-9374

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2014-9374

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-9374

III. Intelligence Information for CVE-2014-9374

New Vulnerabilities

V. Comments for CVE-2014-9374

Leave a comment