CVE-2012-1183

Name of the Vulnerable Software and Affected Versions Asterisk versions 1.4.x through 1.4.43 Asterisk versions 1.6.x through 1.6.2.22 Asterisk versions 1.8.x through 1.8.10.0 Asterisk versions 10.x through 10.2.0

Description The issue is related to a stack-based buffer overflow in the milliwatt generate function of the Miliwatt application. This occurs when the 'o' option is used and the internal timing option is off, allowing remote attackers to cause a denial of service (application crash) via a large number of samples in an audio packet.

Recommendations For Asterisk versions 1.4.x through 1.4.43, update to version 1.4.44 or later. For Asterisk versions 1.6.x through 1.6.2.22, update to version 1.6.2.23 or later. For Asterisk versions 1.8.x through 1.8.10.0, update to version 1.8.10.1 or later. For Asterisk versions 10.x through 10.2.0, update to version 10.2.1 or later.