CVE-2018-1000099
published 2018-03-13CVE-2018-1000099: Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This…
PriorityP338high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
3.54%
87.8th percentile
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| pjsip | pjproject | >= 0 < 2.1.0.0.ast20130823-1+deb8u1ubuntu0.1~esm1 | 2.1.0.0.ast20130823-1+deb8u1ubuntu0.1~esm1 |
| pjsip | pjproject | >= 0 < 2.7.2~dfsg-1ubuntu0.1~esm1 | 2.7.2~dfsg-1ubuntu0.1~esm1 |
| teluu | pjsip | <= 2.7.1 | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
pjproject vulnerabilities
osv·2026-03-24·CVSS 9.8
CVE-2017-16872 [CRITICAL] pjproject vulnerabilities
pjproject vulnerabilities
Youngsung Kim discovered that PJSIP did not properly parse numeric header
fields in SIP messages. A remote attacker could use this issue to cause
PJSIP to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-16872)
Peter Koletzki discovered that PJSIP did not properly handle certain
connection requests. A remote attacker could possibly use this issue to
cause PJSIP to enter an unrecoverable state and reject further connections,
resulting in a denial of service. This issue only affected Ubuntu 16.04
LTS. (CVE-2017-16875)
Alfred Farrugia, Sandro Gauci, and Kevin Harwell discovered that PJSIP did
not properly parse certain SDP messages. A remote attacker could possibly
use this issue to c
GHSA
GHSA-g2mm-3mxm-q4ww: Teluu PJSIP version 2
ghsa_unreviewed·2022-05-13
CVE-2018-1000099 [HIGH] CWE-824 GHSA-g2mm-3mxm-q4ww: Teluu PJSIP version 2
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
OSV
CVE-2018-1000099: Teluu PJSIP version 2
osv·2018-03-13·CVSS 7.5
CVE-2018-1000099 [HIGH] CVE-2018-1000099: Teluu PJSIP version 2
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
Ubuntu
PJSIP vulnerabilities
vendor_ubuntu·2026-03-24·CVSS 9.8
CVE-2020-15260 [CRITICAL] PJSIP vulnerabilities
Title: PJSIP vulnerabilities
Summary: Several security issues were fixed in PJSIP.
Youngsung Kim discovered that PJSIP did not properly parse numeric header
fields in SIP messages. A remote attacker could use this issue to cause
PJSIP to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-16872)
Peter Koletzki discovered that PJSIP did not properly handle certain
connection requests. A remote attacker could possibly use this issue to
cause PJSIP to enter an unrecoverable state and reject further connections,
resulting in a denial of service. This issue only affected Ubuntu 16.04
LTS. (CVE-2017-16875)
Alfred Farrugia, Sandro Gauci, and Kevin Harwell discovered that PJSIP did
not properly parse certain SDP mess
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [epel-6]
bugzilla·2018-02-22·CVSS 7.5
CVE-2018-1000099 [HIGH] CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [epel-6]
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [epel-6]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-6.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the foll
Bugzilla
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [fedora-all]
bugzilla·2018-02-22·CVSS 7.5
CVE-2018-1000099 [HIGH] CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [fedora-all]
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue
Bugzilla
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute
bugzilla·2018-02-22·CVSS 7.5
CVE-2018-1000099 [HIGH] CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute
CVE-2018-1000099 asterisk: segmentation fault occurs in asterisk with an invalid SDP fmtp attribute
A flaw was discovered in Asterisk 13.x, 14.x, 15.x and 13.18. By crafting an SDP message body with an invalid fmtp attribute Asterisk crashes when using the pjsip channel driver because pjproject's fmtp retrieval function fails to check if fmtp value is empty (set empty if previously parsed as invalid).
References:
http://downloads.asterisk.org/pub/security/AST-2018-003.html
https://issues.asterisk.org/jira/browse/ASTERISK-27583
Patches:
http://downloads.asterisk.org/pub/security/AST-2018-003-13.diff [Asterisk 13]
http://downloads.asterisk.org/pub/security/AST-2018-003-14.diff [Asterisk 14]
http://downloads.asterisk.org/pub/security/AST-2018-003-15.diff [Asterisk 15]
http://downloads.ast
https://trac.pjsip.org/repos/milestone/release-2.7.2https://trac.pjsip.org/repos/ticket/2092https://trac.pjsip.org/repos/ticket/2094https://www.debian.org/security/2018/dsa-4170https://trac.pjsip.org/repos/milestone/release-2.7.2https://trac.pjsip.org/repos/ticket/2092https://trac.pjsip.org/repos/ticket/2094https://www.debian.org/security/2018/dsa-4170
2018-03-13
Published