CVE-2012-3812

Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.

Published: Jul 10, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-3812
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
digium / asterisk	1.8.3-rc3	1.8.3-rc3.x
digium / asterisk	1.8.8.0-rc5	1.8.8.0-rc5.x
digium / asterisk	1.8.11.0	1.8.11.0.x
digium / asterisk	1.8.3	1.8.3.x
digium / asterisk	1.8.2.4	1.8.2.4.x
digium / asterisk	1.8.0-beta2	1.8.0-beta2.x
digium / asterisk	1.8.6.0-rc3	1.8.6.0-rc3.x
digium / asterisk	1.8.3-rc1	1.8.3-rc1.x
digium / asteriske	1.8.9.1	1.8.9.1.x
digium / asterisk	1.8.1	1.8.1.x
digium / asterisk	1.8.1.2	1.8.1.2.x
digium / asterisk	1.8.7.1	1.8.7.1.x
digium / asterisk	1.8.7.0-rc1	1.8.7.0-rc1.x
digium / asterisk	1.8.13.0-rc1	1.8.13.0-rc1.x
digium / asteriske	1.8.8.0-rc4	1.8.8.0-rc4.x
digium / asterisk	1.8.4.3	1.8.4.3.x
digium / asterisk	1.8.0-beta4	1.8.0-beta4.x
digium / asterisk	1.8.4-rc1	1.8.4-rc1.x
digium / asterisk	1.8.0-rc5	1.8.0-rc5.x
digium / asterisk	1.8.9.0	1.8.9.0.x
digium / certified_asterisk	1.8.11-cert1	1.8.11-cert1.x
digium / asterisk	1.8.9.3	1.8.9.3.x
digium / asterisk	1.8.4.4	1.8.4.4.x
digium / asterisk	1.8.7.0	1.8.7.0.x
digium / asterisk	1.8.8.0-rc2	1.8.8.0-rc2.x
digium / asterisk	1.8.5.0	1.8.5.0.x
digium / asterisk	1.8.8.0-rc1	1.8.8.0-rc1.x
digium / asterisk	1.8.13.0	1.8.13.0.x
digium / asterisk	1.8.3.1	1.8.3.1.x
digium / asterisk	1.8.8.0	1.8.8.0.x
digium / asterisk	1.8.0-beta3	1.8.0-beta3.x
digium / asterisk	1.8.8.1	1.8.8.1.x
digium / asterisk	1.8.0-beta5	1.8.0-beta5.x
digium / asterisk	1.8.4	1.8.4.x
digium / asterisk	1.8.9.0-rc1	1.8.9.0-rc1.x
digium / asterisk	1.8.3.2	1.8.3.2.x
digium / asterisk	1.8.0-rc2	1.8.0-rc2.x
digium / asterisk	1.8.7.0-rc2	1.8.7.0-rc2.x
digium / asterisk	1.8.3-rc2	1.8.3-rc2.x
digium / asterisk	1.8.4.2	1.8.4.2.x
digium / asterisk	1.8.6.0-rc2	1.8.6.0-rc2.x
digium / asterisk	1.8.2.3	1.8.2.3.x
digium / asterisk	1.8.11.0-rc3	1.8.11.0-rc3.x
digium / asterisk	1.8.11.0-rc2	1.8.11.0-rc2.x
digium / asterisk	1.8.3.3	1.8.3.3.x
digium / asterisk	1.8.4-rc2	1.8.4-rc2.x
digium / asterisk	1.8.2.1	1.8.2.1.x
digium / asterisk	1.8.1-rc1	1.8.1-rc1.x
digium / certified_asterisk	1.8.11-cert	1.8.11-cert.x
digium / asterisk	1.8.0	1.8.0.x
digium / asterisk	1.8.0-rc3	1.8.0-rc3.x
digium / asterisk	1.8.11.1	1.8.11.1.x
digium / asterisk	1.8.1.1	1.8.1.1.x
digium / asterisk	1.8.2	1.8.2.x
digium / asterisk	1.8.2.2	1.8.2.2.x
digium / asterisk	1.8.4-rc3	1.8.4-rc3.x
digium / asterisk	1.8.9.2	1.8.9.2.x
digium / asterisk	1.8.0-beta1	1.8.0-beta1.x
digium / asterisk	1.8.9.0-rc3	1.8.9.0-rc3.x
digium / asterisk	1.8.13.0-rc2	1.8.13.0-rc2.x
digium / asterisk	1.8.6.0	1.8.6.0.x
digium / asterisk	1.8.0-rc4	1.8.0-rc4.x
digium / asterisk	1.8.8.2	1.8.8.2.x
digium / asterisk	1.8.5-rc1	1.8.5-rc1.x
digium / asterisk	1.8.5	1.8.5.x
digium / asterisk	1.8.9.0-rc2	1.8.9.0-rc2.x
digium / asterisk	1.8.4.1	1.8.4.1.x
digium / asterisk	1.8.8.0-rc3	1.8.8.0-rc3.x
digium / asterisk	1.8.6.0-rc1	1.8.6.0-rc1.x
digium / asterisk	10.2.1	10.2.1.x
digium / asterisk	10.0.0-rc2	10.0.0-rc2.x
digium / asterisk	10.0.1	10.0.1.x
digium / asterisk	10.3.0-rc2	10.3.0-rc2.x
digium / asterisk	10.5.0-rc1	10.5.0-rc1.x
digium / asterisk	10.5.1	10.5.1.x
digium / asterisk	10.5.0-rc2	10.5.0-rc2.x
digium / asterisk	10.1.0-rc2	10.1.0-rc2.x
digium / asterisk	10.5.0	10.5.0.x
digium / asterisk	10.2.0	10.2.0.x
digium / asterisk	10.2.0-rc3	10.2.0-rc3.x
digium / asterisk	10.4.0-rc1	10.4.0-rc1.x
digium / asterisk	10.4.0	10.4.0.x
digium / asterisk	10.1.0-rc1	10.1.0-rc1.x
digium / asterisk	10.0.0-rc3	10.0.0-rc3.x
digium / asterisk	10.3.1	10.3.1.x
digium / asterisk	10.1.0	10.1.0.x
digium / asterisk	10.2.0-rc2	10.2.0-rc2.x
digium / asterisk	10.2.0-rc1	10.2.0-rc1.x
digium / asterisk	10.0.0-beta1	10.0.0-beta1.x
digium / asterisk	10.1.1	10.1.1.x
digium / asterisk	10.3.0-rc3	10.3.0-rc3.x
digium / asterisk	10.1.3	10.1.3.x
digium / asterisk	10.1.2	10.1.2.x
digium / asterisk	10.4.0-rc2	10.4.0-rc2.x
digium / asterisk	10.0.0	10.0.0.x
digium / asterisk	10.3.0	10.3.0.x
digium / asterisk	10.2.0-rc4	10.2.0-rc4.x
digium / asterisk	10.4.2	10.4.2.x
digium / asterisk	10.0.0-rc1	10.0.0-rc1.x
digium / asterisk	10.4.1	10.4.1.x
digium / asterisk	10.4.0-rc3	10.4.0-rc3.x
digium / asterisk	10.0.0-beta2	10.0.0-beta2.x
digium / certified_asterisk	1.8.11-cert2	1.8.11-cert2.x
digium / certified_asterisk	1.8.11-cert3	1.8.11-cert3.x

Vulnerability Database

289,697

CVE-2012-3812