CVE-2012-3812

Loading...

General

Score:4.0/10.0
Severity:Low
Category:Resource Management Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:Single

Relative vulnerabilities

CVE-2012-2186, CVE-2012-3863, CVE-2012-4737

Published on 10/07/12 - Updated on 19/04/13

Description

Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2012-3812
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2012-AVI-371
Debian DSA-2550-1
Renater 2012/VULN264

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
digiumasterisk
digiumasteriske
digiumcertified_asterisk

Share this vulnerability with:

Twitter Facebook LinkedIn Mail