cbcvebase.
CVE-2014-6609
published 2014-11-26

CVE-2014-6609: The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted…

PriorityP417medium4CVSS 2.0
AVNACLAuSCNINAP
EPSS
3.61%
88.1th percentile
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

Affected

11 ranges
VendorProductVersion rangeFixed in
debianasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
phpmyadminphpmyadmin>= 0 < 4:4.0.10-1ubuntu0.1+esm44:4.0.10-1ubuntu0.1+esm4
phpmyadminphpmyadmin>= 0 < 4:4.5.4.1-2ubuntu2.1+esm64:4.5.4.1-2ubuntu2.1+esm6
phpmyadminphpmyadmin>= 0 < 4:4.6.6-5ubuntu0.5+esm14:4.6.6-5ubuntu0.5+esm1
phpmyadminphpmyadmin>= 0 < 4:4.9.5+dfsg1-2ubuntu0.1~esm14:4.9.5+dfsg1-2ubuntu0.1~esm1

CVSS provenance

nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian4.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.