5

CVE-2007-3764

The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy."

Data is provided by the National Vulnerability Database (NVD)
AsteriskAsterisk Version1.0
AsteriskAsterisk Version1.0.6
AsteriskAsterisk Version1.0.7
AsteriskAsterisk Version1.0.8
AsteriskAsterisk Version1.0.9
AsteriskAsterisk Version1.0.10
AsteriskAsterisk Version1.0.11
AsteriskAsterisk Version1.0.12
AsteriskAsterisk Version1.2.0_beta1
AsteriskAsterisk Version1.2.0_beta2
AsteriskAsterisk Version1.2.5
AsteriskAsterisk Version1.2.6
AsteriskAsterisk Version1.2.7
AsteriskAsterisk Version1.2.8
AsteriskAsterisk Version1.2.9
AsteriskAsterisk Version1.2.10
AsteriskAsterisk Version1.2.11
AsteriskAsterisk Version1.2.12
AsteriskAsterisk Version1.2.13
AsteriskAsterisk Version1.2.14
AsteriskAsterisk Version1.2.15
AsteriskAsterisk Version1.2.16
AsteriskAsterisk Version1.2.17
AsteriskAsterisk Version1.4.1
AsteriskAsterisk Version1.4.2
AsteriskAsterisk Version1.4.4_2007-04-27
AsteriskAsterisk Version1.4_beta
AsteriskAsterisk Versiona Editionbusiness
AsteriskAsterisk Versionb.1.3.2 Editionbusiness
AsteriskAsterisk Versionb.1.3.3 Editionbusiness
AsteriskAsterisk Versionb.2.2.0 Editionbusiness
AsteriskAsterisknow Versionbeta_5
AsteriskAsterisknow Versionbeta_6
AsteriskS800i Appliance Version1.0
AsteriskS800i Appliance Version1.0.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 44.76% 0.975
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P