CVE-2017-9359
- Source
- https://cve.org/CVERecord?id=CVE-2017-9359
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-9359.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-9359
- Downstream
- Related
- Published
- 2017-06-02T05:29:00.730Z
- Modified
- 2026-02-11T14:02:26.843544Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
- References
-
- http://downloads.asterisk.org/pub/security/AST-2017-003.txt
- http://www.debian.org/security/2017/dsa-3933
- http://www.securityfocus.com/bid/98578
- https://bugs.debian.org/863902
- https://issues.asterisk.org/jira/browse/ASTERISK-26939
- https://issues.asterisk.org/jira/browse/ASTERISK-26939
- https://bugs.debian.org/863902