Denial of Service Vulnerability in Asterisk Open Source and Certified Asterisk

Denial of Service Vulnerability in Asterisk Open Source and Certified Asterisk

CVE-2014-6610 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dialplan application.

Learn more about our Open Source Audit.