NVD

Id
45357  
Name
CVE-2012-3812  
Description
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2012-07-09  
Modified Date
2013-04-18  
Seq
2012-3812  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
227747 45357 CVE-2012-3812 http://downloads.asterisk.org/pub/security/AST-2012-011.html  View
227748 45357 CVE-2012-3812 DSA-2550  View
227749 45357 CVE-2012-3812 54317  View
227750 45357 CVE-2012-3812 https://issues.asterisk.org/jira/browse/ASTERISK-20052  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27328 JVNDB-2012-003035 複数の Asterisk 製品の apps/app_voicemail.c におけるメモリ二重解放の脆弱性 複数の Asterisk 製品の apps/app_voicemail.c は、メモリを二重に解放する不備があるため、サービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2012-3812 57050 CVE-2012-3812 45357 4 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003035.html 2012-06-13 2012-11-08 View