Vulnerabilities > Yate > YET Another Telephony Engine > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-17 | CVE-2007-1693 | Improper Input Validation vulnerability in Yate YET Another Telephony Engine 1.1.0 The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter. | 7.8 |