Denial of Service Vulnerability in Asterisk Open Source 10.x before 10.5.1

CVE-2012-3553 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related issue to CVE-2012-2948.

Learn more about our Open Source Audit.