FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- Remote crash vulnerability with MESSAGE messages

Affected packages
asterisk13 < 13.27.1
asterisk15 < 15.7.3
asterisk16 < 16.4.1

Details

VuXML ID 818b2bcb-a46f-11e9-bed9-001999f8d30b
Discovery 2019-06-13
Entry 2019-07-12

The Asterisk project reports:

A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash.

References

CVE Name CVE-2019-12827
URL https://downloads.asterisk.org/pub/security/AST-2019-002.html