Skip to main content

Data Processing Errors

CVE-2014-6610

Severity Medium
Score 4/10

Summary

Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dialplan application.

  • LOW
  • NETWORK
  • SINGLE
  • NONE
  • NONE
  • PARTIAL

CWE-19 - Data Processing Errors

Weaknesses in this category are typically found in functionality that processes data. Data processing is the manipulation of input to retrieve or save information.

References

Advisory Timeline

  • Published