FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- denial of service vulnerability, local system access

Affected packages
asterisk < 1.2.7


VuXML ID 8b683bea-d49c-11da-a672-000e0c2e438a
Discovery 2006-04-07
Entry 2006-04-25

Emmanouel Kellenis reports a denial of service vulnerability within asterisk. The vulnerability is caused by a buffer overflow in "format_jpeg.c". A large JPEG image could trigger this bug, potentially allowing a local attacker to execute arbitrary code.


Bugtraq ID 17561
CVE Name CVE-2006-1827