7.5

CVE-2018-7284

Exploit

A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash.

Data is provided by the National Vulnerability Database (NVD)
DigiumAsterisk Version <= 13.19.1
DigiumAsterisk Version >= 14.0.0 <= 14.7.5
DigiumAsterisk Version >= 15.0.0 <= 15.2.1
DigiumCertified Asterisk Version13.18 Updatecert1
DigiumCertified Asterisk Version13.18 Updatecert2
DigiumCertified Asterisk Version <= 13.18
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 65.24% 0.984
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/103151
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040416
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/44184/
Third Party Advisory
Exploit
VDB Entry