CVE Vulnerabilities

CVE-2006-1827

Published: Apr 18, 2006 | Modified: Mar 08, 2011
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 6.4 MEDIUM
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Ubuntu: UNTRIAGED

Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.

Affected Software

| Name | Vendor | Start Version | End Version |
|------|--------|---------------|-------------|
| Asterisk | Digium | * | 1.2.6 (including) |
| Asterisk | Digium | 0.1.0 (including) | 0.1.0 (including) |
| Asterisk | Digium | 0.1.1 (including) | 0.1.1 (including) |
| Asterisk | Digium | 0.1.2 (including) | 0.1.2 (including) |
| Asterisk | Digium | 0.1.3 (including) | 0.1.3 (including) |
| Asterisk | Digium | 0.1.4 (including) | 0.1.4 (including) |
| Asterisk | Digium | 0.1.5 (including) | 0.1.5 (including) |
| Asterisk | Digium | 0.1.6 (including) | 0.1.6 (including) |
| Asterisk | Digium | 0.1.7 (including) | 0.1.7 (including) |
| Asterisk | Digium | 0.1.8 (including) | 0.1.8 (including) |
| Asterisk | Digium | 0.1.9 (including) | 0.1.9 (including) |
| Asterisk | Digium | 0.1.9.1 (including) | 0.1.9.1 (including) |
| Asterisk | Digium | 0.1.10 (including) | 0.1.10 (including) |
| Asterisk | Digium | 0.1.11 (including) | 0.1.11 (including) |
| Asterisk | Digium | 0.1.12 (including) | 0.1.12 (including) |
| Asterisk | Digium | 0.2 (including) | 0.2 (including) |
| Asterisk | Digium | 0.2.0 (including) | 0.2.0 (including) |
| Asterisk | Digium | 0.3 (including) | 0.3 (including) |
| Asterisk | Digium | 0.3.0 (including) | 0.3.0 (including) |
| Asterisk | Digium | 0.4 (including) | 0.4 (including) |
| Asterisk | Digium | 0.4.0 (including) | 0.4.0 (including) |
| Asterisk | Digium | 0.5.0 (including) | 0.5.0 (including) |
| Asterisk | Digium | 0.7.0 (including) | 0.7.0 (including) |
| Asterisk | Digium | 0.7.1 (including) | 0.7.1 (including) |
| Asterisk | Digium | 0.7.2 (including) | 0.7.2 (including) |
| Asterisk | Digium | 1.0.0 (including) | 1.0.0 (including) |
| Asterisk | Digium | 1.0.1 (including) | 1.0.1 (including) |
| Asterisk | Digium | 1.0.2 (including) | 1.0.2 (including) |
| Asterisk | Digium | 1.0.3 (including) | 1.0.3 (including) |
| Asterisk | Digium | 1.0.4 (including) | 1.0.4 (including) |
| Asterisk | Digium | 1.0.5 (including) | 1.0.5 (including) |
| Asterisk | Digium | 1.0.6 (including) | 1.0.6 (including) |
| Asterisk | Digium | 1.0.7 (including) | 1.0.7 (including) |
| Asterisk | Digium | 1.0.8 (including) | 1.0.8 (including) |
| Asterisk | Digium | 1.0.9 (including) | 1.0.9 (including) |
| Asterisk | Digium | 1.0_rc1 (including) | 1.0_rc1 (including) |
| Asterisk | Digium | 1.0_rc2 (including) | 1.0_rc2 (including) |
| Asterisk | Digium | 1.2.0_beta1 (including) | 1.2.0_beta1 (including) |
| Asterisk | Ubuntu | dapper | * |
| Asterisk | Ubuntu | devel | * |
| Asterisk | Ubuntu | edgy | * |
| Asterisk | Ubuntu | feisty | * |
