) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-4047 |
Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTTP connections. Published: June 17, 2014; 10:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-4046 |
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action. Published: June 17, 2014; 10:55:07 AM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
| CVE-2014-4045 |
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device. Published: June 17, 2014; 10:55:07 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |