← Back

CVE-2017-17664

nvd nist
Published: Dec 13, 2017Modified: May 13, 2026

JSON object

Loading...
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: NVD

Description

A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.

Affected (16)

Digium
2 products
Asterisk
Certified Asterisk
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Digium
Asterisk
From 13.0.0 to 13.18.4
Asterisk
From 14.0.0 to 14.7.4
Asterisk
From 15.0.0 to 15.1.4
Configuration B
13 vulnerable
Vulnerable SoftwareAffected Versions
Digium
Certified Asterisk
Up to 13.13
Certified Asterisk
Version 13.13 cert1
Certified Asterisk
Version 13.13 cert1_rc1
Certified Asterisk
Version 13.13 cert1_rc2
Certified Asterisk
Version 13.13 cert1_rc3
Certified Asterisk
Version 13.13 cert1_rc4
Certified Asterisk
Version 13.13 cert2
Certified Asterisk
Version 13.13 cert3
Certified Asterisk
Version 13.13 cert4
Certified Asterisk
Version 13.13 cert5
Certified Asterisk
Version 13.13 cert6
Certified Asterisk
Version 13.13 cert7
Certified Asterisk
Version 13.13 cert8

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (12)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Issue TrackingPatchVendor Advisory
Source: cve@mitre.org
Issue TrackingVendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.