CVSS: 9.8EPSS: 4%CPEs: 38EXPL: 1CVE-2006-1827 – Debian Linux Security Advisory 1048-1
https://notcve.org/view.php?id=CVE-2006-1827
18 Apr 2006 — Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length. Several problems have been discovered in Asterisk, an Open Source Private Branch Exchange (telephone control center). Adam Pointon discovered that due to missing input sanitizing it is possible to retrieve recorded phone messages for a different extens... • http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7-patch.gz •
CVSS: 7.5EPSS: 5%CPEs: 33EXPL: 2CVE-2005-3559 – Asterisk 0.x/1.0/1.2 Voicemail - Unauthorized Access
https://notcve.org/view.php?id=CVE-2005-3559
16 Nov 2005 — Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. Several problems have been discovered in Asterisk, an Open Source Private Branch Exchange (telephone control center). Adam Pointon discovered that due to missing input sanitizing it is possible to retrieve recorded phone messages for a different extension. Emmanouel Kellinis discovered an integer signedness error that could trigger a buf... • https://www.exploit-db.com/exploits/26475 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2081
https://notcve.org/view.php?id=CVE-2005-2081
30 Jun 2005 — Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. • http://marc.info/?l=bugtraq&m=111946399501080&w=2 •