Debian Linux Security Advisory 3539-1 - Randell Jesup and the Firefox team discovered that srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), does not properly handle RTP header CSRC count and extension header length. A remote attacker can exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.
2a21727a1da862b7191dcc3e6d927736a0e79bdf2e9a74f409de9c5217970cc5