Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2007-1595

The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.

  • Published: Mar 23, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-1595
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
asterisk / asterisk 1.2.13 1.2.13.x