Download
| Alert*
oval:org.secpod.oval:def:1800000
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. Reference oval:org.secpod.oval:def:1800155 CVE-2017-14098: Remote Crash Vulnerability in res_pjsip Fixed In Version: asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:44779 CVE-2017-14099: Media takeover in RTP stack Fixed In Version:¶ asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:1900251 In the pjsip channel driver in Asterisk 13.x before 13.17.1 and14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash. |