CVE-2007-1595

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2007-1595
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2007-1595.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2007-1595
Published
2007-03-22T23:19:00Z
Modified
2024-06-30T12:01:22Z
Summary
[none]
Details

The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.

References

Affected packages

Debian:11 / asterisk

Package

Name
asterisk
Purl
pkg:deb/debian/asterisk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.4.0~dfsg-1

Ecosystem specific

{
    "urgency": "low"
}