Bug#364195: CVE-2006-1827: arbitrary code execution
Stefan Fritsch
sf at sfritsch.de
Fri Apr 21 20:24:16 UTC 2006

Package: asterisk
Severity: grave
Tags: security
Justification: user security hole

CVE-2006-1827:
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and
earlier allows remote attackers to execute arbitrary code via a length
value that passes a length check as a negative number, but triggers a
buffer overflow when it is used as an unsigned length.

This is fixed in 1.2.7.

Please mention the CVE-id in the changelog.
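
The bug class named in the CVE text above, shown as an added illustration; it is not part of the original report and is not Asterisk's format_jpeg.c code. The frame layout (4-byte big-endian length prefix), the buffer size and all function names are assumptions; the weak variant only reports the count a copy would receive and copies nothing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { FRAME_BUF_SIZE = 4096 };   /* assumed destination size (an int constant) */
/* Constructed sample frames: 4-byte big-endian length, then payload. */
static const uint8_t NEG_FRAME[] = { 0xFF, 0xFF, 0xFF, 0xFF, 'A' };
static const uint8_t OK_FRAME[]  = { 0, 0, 0, 3, 'a', 'b', 'c' };

/* Read the length prefix into a signed field, as a signed length would be stored. */
static int32_t read_len(const uint8_t *in)
{
    uint32_t v = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
                 ((uint32_t)in[2] << 8)  |  (uint32_t)in[3];
    return (int32_t)v;            /* 0xFFFFFFFF becomes -1 */
}

/* Weak pattern: upper bound only, compared as signed. Returns 1 if the check
 * accepts the frame and stores the count a copy call would then receive. */
static int weak_check(const uint8_t *in, size_t *count)
{
    int32_t len = read_len(in);
    if (len > FRAME_BUF_SIZE)     /* signed compare: -1 > 4096 is false */
        return 0;
    *count = (size_t)len;         /* -1 converts to SIZE_MAX */
    return 1;
}

/* Hardened pattern: reject negatives first, then bound the unsigned value
 * against both the destination and the bytes actually present in the input. */
static int safe_copy(const uint8_t *in, size_t in_len,
                     uint8_t *out, size_t out_cap, size_t *copied)
{
    if (in_len < 4) return 0;
    int32_t len = read_len(in);
    if (len < 0) return 0;
    size_t n = (size_t)len;
    if (n > out_cap || n > in_len - 4) return 0;
    memcpy(out, in + 4, n);
    *copied = n;
    return 1;
}

int main(void)
{
    size_t count = 0, n = 0;
    uint8_t out[FRAME_BUF_SIZE];
    int accepted = weak_check(NEG_FRAME, &count);
    printf("weak check accepts=%d count=%zu\n", accepted, count);
    printf("safe copy accepts=%d\n", safe_copy(NEG_FRAME, sizeof NEG_FRAME, out, sizeof out, &n));
    return 0;
}
```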