Buffer Overflow Vulnerability in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1

Buffer Overflow Vulnerability in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1

CVE-2017-16872 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted back to strings, a buffer overrun. This will lead to a potential exploit using carefully crafted invalid values.

Learn more about our Web Application Penetration Testing UK.