Total vulnerabilities in the database
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow.
| Software | From | Fixed in |
|---|---|---|
| digium / asterisk | 0.4 | 0.4.x |
| digium / asterisk | 1.2.11 | 1.2.11.x |
| digium / asterisk | 1.2.12 | 1.2.12.x |
| digium / asterisk | 1.0 | 1.0.x |
| digium / asterisk | 0.7.1 | 0.7.1.x |
| digium / asterisk | 0.1.9 | 0.1.9.x |
| digium / asterisk | 1.2.10 | 1.2.10.x |
| digium / asterisk | 0.7.2 | 0.7.2.x |
| digium / asterisk | 1.2.9 | 1.2.9.x |
| digium / asterisk | 0.2 | 0.2.x |
| digium / asterisk | 1.0.9 | 1.0.9.x |
| digium / asterisk | 0.7 | 0.7.x |
| digium / asterisk | 1.2_beta2 | 1.2_beta2.x |
| digium / asterisk | 1.0.10 | 1.0.10.x |
| digium / asterisk | 0.1.9.1 | 0.1.9.1.x |
| digium / asterisk | 0.1.8 | 0.1.8.x |
| digium / asterisk | 1.2.8 | 1.2.8.x |
| digium / asterisk | 1.2.6 | 1.2.6.x |
| digium / asterisk | 0.1.7 | 0.1.7.x |
| digium / asterisk | 1.0.8 | 1.0.8.x |
| digium / asterisk | 1.2.7 | 1.2.7.x |
| digium / asterisk | 1.2_beta1 | 1.2_beta1.x |
| digium / asterisk | 0.9 | 0.9.x |
| digium / asterisk | 1.0.7 | 1.0.7.x |
| digium / asterisk | 0.3 | 0.3.x |
| digium / asterisk | 1.0.11 | 1.0.11.x |