Vulnerabilities > Asterisk > Asterisk Appliance Developer KIT
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-18 | CVE-2007-3763 | Remote Denial of Service vulnerability in Asterisk The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable. | 5.0 |
2007-07-18 | CVE-2007-3762 | Remote Stack Buffer Overflow vulnerability in Asterisk IAX2 Channel Driver IAX2_Write Function Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame. | 9.3 |