Showing 1 - 3 of 3

CVE-2022-21723

Status Candidate

Overview

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.

Related Files

Debian Security Advisory 5285-1: Posted Nov 18, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5285-1 - Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code.; tags | advisory, overflow, arbitrary, vulnerability, info disclosure; systems | linux, debian; advisories | CVE-2021-37706, CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2021-46837, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24763, CVE-2022-24764; SHA-256 | 5954aa3a6292b16c124f88a5565b25ffb1de65f24ab2438dbac72d360d3842cd; Download | Favorite | View

Gentoo Linux Security Advisory 202210-37: Posted Nov 1, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202210-37 - Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. Versions less than 2.12.1 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-32686, CVE-2021-37706, CVE-2021-41141, CVE-2021-43804, CVE-2021-43845, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24786, CVE-2022-24792, CVE-2022-24793; SHA-256 | 0283ae0c45529cc645d6e34ea884fdbdff80a46da788bbb3271840ecfe2a7e46; Download | Favorite | View

Asterisk Project Security Advisory - AST-2022-006: Posted Mar 7, 2022; Authored by Kevin Harwell, Sauw Ming | Site asterisk.org; If an incoming SIP message contains a malformed multi-part body an out-of-bounds read access may occur, which can result in undefined behavior. Note, it is currently uncertain if there is any externally exploitable vector within Asterisk for this issue, but they are providing this as a security issue out of caution.; tags | advisory; advisories | CVE-2022-21723; SHA-256 | 97b8999a7c776bc25667d248af8128d9089bb735a74f21b5e8602a90fb5d57dc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 249 files
Jay Turla 150 files
indoushka 147 files
Ubuntu 62 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,118)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,071)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,733)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,808)
UNIX (9,452)
UnixWare (188)
Windows (6,763)
Other

CVE-2022-21723

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems