4
CVE-2012-3812
- EPSS 7.19%
- Published 09.07.2012 22:55:01
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.
Data is provided by the National Vulnerability Database (NVD)
Digium ≫ Certified Asterisk Version1.8.11 Updatecert
Digium ≫ Certified Asterisk Version1.8.11 Updatecert1
Digium ≫ Certified Asterisk Version1.8.11 Updatecert
Digium ≫ Certified Asterisk Version1.8.11 Updatecert1
Digium ≫ Certified Asterisk Version1.8.11 Updatecert2
Digium ≫ Certified Asterisk Version1.8.11 Updatecert3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.19% | 0.907 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|