CVE-2011-1147

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
digiumasterisk
1.4.0
digiumasterisk
1.4.0
digiumasterisk
1.4.0
digiumasterisk
1.4.0
digiumasterisk
1.4.0
digiumasterisk
1.4.1
digiumasterisk
1.4.2
digiumasterisk
1.4.3
digiumasterisk
1.4.10
digiumasterisk
1.4.10.1
digiumasterisk
1.4.11
digiumasterisk
1.4.12
digiumasterisk
1.4.12.1
digiumasterisk
1.4.13
digiumasterisk
1.4.14
digiumasterisk
1.4.15
digiumasterisk
1.4.16
digiumasterisk
1.4.16.1
digiumasterisk
1.4.16.2
digiumasterisk
1.4.17
digiumasterisk
1.4.18
digiumasterisk
1.4.19
digiumasterisk
1.4.19
digiumasterisk
1.4.19
digiumasterisk
1.4.19
digiumasterisk
1.4.19
digiumasterisk
1.4.19.1
digiumasterisk
1.4.19.2
digiumasterisk
1.4.20
digiumasterisk
1.4.20
digiumasterisk
1.4.20
digiumasterisk
1.4.20
digiumasterisk
1.4.20.1
digiumasterisk
1.4.21
digiumasterisk
1.4.21
digiumasterisk
1.4.21
digiumasterisk
1.4.21.1
digiumasterisk
1.4.21.2
digiumasterisk
1.4.22
digiumasterisk
1.4.22
digiumasterisk
1.4.22
digiumasterisk
1.4.22
digiumasterisk
1.4.22
digiumasterisk
1.4.22
digiumasterisk
1.4.22.1
digiumasterisk
1.4.22.2
digiumasterisk
1.4.23
digiumasterisk
1.4.23
digiumasterisk
1.4.23
digiumasterisk
1.4.23
digiumasterisk
1.4.23
digiumasterisk
1.4.23.1
digiumasterisk
1.4.23.2
digiumasterisk
1.4.24
digiumasterisk
1.4.24
digiumasterisk
1.4.24.1
digiumasterisk
1.4.25
digiumasterisk
1.4.25
digiumasterisk
1.4.25.1
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26
digiumasterisk
1.4.26.1
digiumasterisk
1.4.26.2
digiumasterisk
1.4.26.3
digiumasterisk
1.4.27
digiumasterisk
1.4.27
digiumasterisk
1.4.27
digiumasterisk
1.4.27
digiumasterisk
1.4.27
digiumasterisk
1.4.27
digiumasterisk
1.4.27.1
digiumasterisk
1.4.28
digiumasterisk
1.4.28
digiumasterisk
1.4.29
digiumasterisk
1.4.29
digiumasterisk
1.4.29.1
digiumasterisk
1.4.30
digiumasterisk
1.4.30
digiumasterisk
1.4.30
digiumasterisk
1.4.31
digiumasterisk
1.4.31
digiumasterisk
1.4.31
digiumasterisk
1.4.32
digiumasterisk
1.4.32
digiumasterisk
1.4.33
digiumasterisk
1.4.33
digiumasterisk
1.4.33
digiumasterisk
1.4.33.1
digiumasterisk
1.4.34
digiumasterisk
1.4.34
digiumasterisk
1.4.34
digiumasterisk
1.4.35
digiumasterisk
1.4.35
digiumasterisk
1.4.36
digiumasterisk
1.4.36
digiumasterisk
1.4.37
digiumasterisk
1.4.37
digiumasterisk
1.4.38
digiumasterisk
1.4.38
digiumasterisk
1.4.39
digiumasterisk
1.4.39
digiumasterisk
1.4.39.1
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.1
digiumasterisk
1.6.2.1
digiumasterisk
1.6.2.2
digiumasterisk
1.6.2.3
digiumasterisk
1.6.2.4
digiumasterisk
1.6.2.5
digiumasterisk
1.6.2.6
digiumasterisk
1.6.2.6
digiumasterisk
1.6.2.6
digiumasterisk
1.6.2.15
digiumasterisk
1.6.2.16
digiumasterisk
1.6.2.16
digiumasterisk
1.6.2.16.1
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.0
digiumasterisk
1.8.1
digiumasterisk
1.8.1
digiumasterisk
1.8.1.1
digiumasterisk
1.8.1.2
digiumasterisk
1.8.2
digiumasterisk
1.8.2.1
digiumasterisk
1.8.2.2
digiumasterisk
1.8.2.3
digiumasterisknow
1.5
digiums800i
*
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.1
digiumasterisk
1.6.1.2
digiumasterisk
1.6.1.3
digiumasterisk
1.6.1.4
digiumasterisk
1.6.1.5
digiumasterisk
1.6.1.5
digiumasterisk
1.6.1.6
digiumasterisk
1.6.1.7
digiumasterisk
1.6.1.7
digiumasterisk
1.6.1.8
digiumasterisk
1.6.1.9
digiumasterisk
1.6.1.10
digiumasterisk
1.6.1.10
digiumasterisk
1.6.1.10
digiumasterisk
1.6.1.10
digiumasterisk
1.6.1.11
digiumasterisk
1.6.1.12
digiumasterisk
1.6.1.12
digiumasterisk
1.6.1.13
digiumasterisk
1.6.1.13
digiumasterisk
1.6.1.14
digiumasterisk
1.6.1.15
digiumasterisk
1.6.1.16
digiumasterisk
1.6.1.17
digiumasterisk
1.6.1.18
digiumasterisk
1.6.1.18
digiumasterisk
1.6.1.18
digiumasterisk
1.6.1.19
digiumasterisk
1.6.1.19
digiumasterisk
1.6.1.19
digiumasterisk
1.6.1.19
digiumasterisk
1.6.1.20
digiumasterisk
1.6.1.20
digiumasterisk
1.6.1.20
digiumasterisk
1.6.1.21
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
asterisk
bullseye
1:16.28.0~dfsg-0+deb11u4
fixed
bullseye (security)
1:16.28.0~dfsg-0+deb11u5
fixed
sid
1:22.0.0~dfsg+~cs6.14.60671435-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
asterisk
natty
Fixed 1:1.6.2.9-2ubuntu2.1
released
maverick
Fixed 1:1.6.2.7-1ubuntu1.2
released
lucid
Fixed 1:1.6.2.5-0ubuntu1.4
released
karmic
ignored
hardy
ignored
dapper
ignored