CVE-2007-3762

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 1.2.22 Asterisk versions 1.4.x prior to 1.4.8 Asterisk Business Edition versions prior to B.2.2.1 AsteriskNOW versions prior to beta7 Asterisk Appliance Developer Kit versions prior to 0.5.0 s800i versions prior to 1.0.2

Description The issue is a stack-based buffer overflow in the IAX2 channel driver. This allows remote attackers to execute arbitrary code by sending a long voice or video RTP frame.

Recommendations For Asterisk versions prior to 1.2.22, update to version 1.2.22 or later. For Asterisk versions 1.4.x prior to 1.4.8, update to version 1.4.8 or later. For Asterisk Business Edition versions prior to B.2.2.1, update to version B.2.2.1 or later. For AsteriskNOW versions prior to beta7, update to version beta7 or later. For Asterisk Appliance Developer Kit versions prior to 0.5.0, update to version 0.5.0 or later. For s800i versions prior to 1.0.2, update to version 1.0.2 or later.