CVE-2014-6609 | SynScan

Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2014-6609

The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

Published: Nov 26, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-6609
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:N/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
digium / asterisk	12.0.0	12.0.0.x
digium / asterisk	12.3.0-rc2	12.3.0-rc2.x
digium / asterisk	12.1.0-rc3	12.1.0-rc3.x
digium / asterisk	12.4.0-rc1	12.4.0-rc1.x
digium / asterisk	12.2.0-rc3	12.2.0-rc3.x
digium / asterisk	12.1.0-rc1	12.1.0-rc1.x
digium / asterisk	12.5.0	12.5.0.x
digium / asterisk	12.2.0-rc2	12.2.0-rc2.x
digium / asterisk	12.3.0	12.3.0.x
digium / asterisk	12.5.0-rc1	12.5.0-rc1.x
digium / asterisk	12.4.0	12.4.0.x
digium / asterisk	12.3.0-rc1	12.3.0-rc1.x
digium / asterisk	12.2.0-rc1	12.2.0-rc1.x
digium / asterisk	12.2.0	12.2.0.x
digium / asterisk	12.1.0-rc2	12.1.0-rc2.x
digium / asterisk	12.1.0	12.1.0.x

http://downloads.asterisk.org/pub/security/AST-2014-009.html