Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2017-9359

The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

  • Published: Jun 2, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-9359
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
digium / open_source 13.9.0-rc1 13.9.0-rc1.x
digium / open_source 13.2.0 13.2.0.x
digium / open_source 13.9.0 13.9.0.x
digium / open_source 13.11.0-rc1 13.11.0-rc1.x
digium / open_source 13.4.0-rc1 13.4.0-rc1.x
digium / open_source 13.8.0 13.8.0.x
digium / open_source 13.1.0 13.1.0.x
digium / open_source 14.2.0 14.2.0.x
digium / open_source 13.12.0-rc1 13.12.0-rc1.x
digium / open_source 13.12.0 13.12.0.x
digium / open_source 13.1.0-rc2 13.1.0-rc2.x
digium / open_source 13.15.0-rc1 13.15.0-rc1.x
digium / open_source 13.10.0-rc1 13.10.0-rc1.x
digium / open_source 13.12.2 13.12.2.x
digium / open_source 13.8.0-rc1 13.8.0-rc1.x
digium / open_source 14.2.0-rc1 14.2.0-rc1.x
digium / open_source 13.13.0-rc1 13.13.0-rc1.x
digium / open_source 13.1.0-rc1 13.1.0-rc1.x
digium / open_source 13.2.0-rc1 13.2.0-rc1.x
digium / open_source 13.6.0-rc1 13.6.0-rc1.x
digium / open_source 14.2.0-rc2 14.2.0-rc2.x
digium / open_source 13.7.0-rc1 13.7.0-rc1.x
digium / open_source 13.8.1 13.8.1.x
digium / open_source 13.4.0 13.4.0.x
digium / open_source 13.3.0-rc1 13.3.0-rc1.x
digium / open_source 13.5.0 13.5.0.x
digium / open_source 13.7.0 13.7.0.x
digium / open_source 13.8.2 13.8.2.x
digium / open_source 13.14.0-rc1 13.14.0-rc1.x
digium / open_source 13.5.0-rc1 13.5.0-rc1.x
digium / open_source 13.12.1 13.12.1.x
digium / open_source 13.0.0 13.0.0.x
digium / certified_asterisk 13.13.0 13.13.0.x
digium / certified_asterisk 13.13.0-rc2 13.13.0-rc2.x
digium / certified_asterisk 13.13.0-cert1-rc4 13.13.0-cert1-rc4.x
digium / certified_asterisk 13.13.0-rc1 13.13.0-rc1.x
digium / certified_asterisk 13.13.0-cert1-rc3 13.13.0-cert1-rc3.x
digium / certified_asterisk 13.13.0-cert1-rc1 13.13.0-cert1-rc1.x
digium / certified_asterisk 13.13.0-cert3 13.13.0-cert3.x
digium / certified_asterisk 13.13.0-cert1-rc2 13.13.0-cert1-rc2.x
digium / certified_asterisk 13.13.0-cert1 13.13.0-cert1.x
digium / certified_asterisk 13.13.0-cert2 13.13.0-cert2.x