CVE-2014-8416 in Asterisk信息

摘要

由 VulDB • 2026-05-18

Asterisk Open Source 12.x 12.7.1 之前版本以及 13.x 13.0.1 之前版本中 PJSIP 通道驱动程序的 res_pjsip_refer 模块存在 use-after-free 漏洞。远程攻击者可通过发送带有 Replaces 消息的对话内 INVITE 请求触发通道挂起,从而导致拒绝服务(崩溃)。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!