CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2006-2898
https://notcve.org/view.php?id=CVE-2006-2898
07 Jun 2006 — The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negative length check. NOTE: the vendor advisory claims that only a DoS is possible, but the original researcher is reliable. • http://secunia.com/advisories/20497 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 38EXPL: 1CVE-2006-1827
https://notcve.org/view.php?id=CVE-2006-1827
18 Apr 2006 — Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length. • http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7-patch.gz •
CVSS: 7.5EPSS: 5%CPEs: 33EXPL: 2CVE-2005-3559 – Asterisk 0.x/1.0/1.2 Voicemail - Unauthorized Access
https://notcve.org/view.php?id=CVE-2005-3559
16 Nov 2005 — Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. • https://www.exploit-db.com/exploits/26475 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2081
https://notcve.org/view.php?id=CVE-2005-2081
30 Jun 2005 — Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. • http://marc.info/?l=bugtraq&m=111946399501080&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 1CVE-2003-0779
https://notcve.org/view.php?id=CVE-2003-0779
12 Sep 2003 — SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. Vulnerabilidad de inyección de SQL en la funcionalidad de registro Call Detail Record (CDR) de Asterisk permite a atacantes remotos ejecutra SQL arbitrario mediante una cadena CallerID. • http://www.atstake.com/research/advisories/2003/a091103-1.txt •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0761
https://notcve.org/view.php?id=CVE-2003-0761
12 Sep 2003 — Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. Desbordamiento de búfer en el get_msg_text de chan_sip.c en el protocolo de iniciación de sesión de entregas de Asterisk anteriores al 15/08/2003, permite a atacantes remotos ejecutar código arbitrario mediante ciertas peticiones MESSAGE o INFO. • http://www.atstake.com/research/advisories/2003/a090403-1.txt •