CVE-2019-15297
09.09.2019, 21:15
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.Enginsight
| Vendor | Product | Version |
|---|---|---|
| digium | asterisk | 15.0.0 ≤ 𝑥 ≤ 15.7.3 |
| digium | asterisk | 16.0.0 ≤ 𝑥 ≤ 16.5.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References