← Back

Asterisk Addons

asterisk-addons

Vendor: Asterisk • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-2543
1Asterisk
1Asterisk Addons
Apr 23, 2026
Jun 5, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP a...Show more
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.Show less
CVE-2007-5488
1Asterisk
1Asterisk Addons
Apr 23, 2026
Oct 17, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers,...Show more
Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.Show less