Note:
This project will be discontinued after December 13, 2021. [more]
2019-03-28
An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
| Products | Asterisk |
| Type | Integer Overflow or Wraparound (CWE-190) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://issues.asterisk.org/jira/browse/ASTERISK-28260
• https://downloads.asterisk.org/pub/security/AST-2019-001.html |