Double Key Unregistration Integer Overflow Vulnerability in Teluu pjproject

Double Key Unregistration Integer Overflow Vulnerability in Teluu pjproject

CVE-2017-16875 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger an integer overflow, which may cause ioqueue backends to reject future key registrations.

Learn more about our Web Application Penetration Testing UK.