We found results for “”
CVE-2012-2947
Date: June 2, 2012
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service (daemon crash) by placing a call on hold.
Language: C
Severity Score
Related Resources (8)
Severity Score
Weakness Type (CWE)
Improper Access Control
CWE-284CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | LOW |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | HIGH |
Authentication (AU): | NONE |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | PARTIAL |
Additional information: |