CVE-2019-7251

CVE Database · CVE-2019-7251

CVE-2019-7251

· N/AModified

CVSS v3.1

N/A

EPSS

3.81%

Published

Mar 28, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.

Weaknesses (CWE)

CWE-190

Affected Products (2)

digium · asterisk (up to 15.7.2)vulnerable

digium · asterisk (up to 16.2.1)vulnerable

References (4)

https://downloads.asterisk.org/pub/security/AST-2019-001.html

PatchVendor Advisory

https://issues.asterisk.org/jira/browse/ASTERISK-28260

Issue TrackingVendor Advisory

https://downloads.asterisk.org/pub/security/AST-2019-001.html

PatchVendor Advisory

https://issues.asterisk.org/jira/browse/ASTERISK-28260

Issue TrackingVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs