Unknown
CVE-2014-9374
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2, and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9 allows remote attackers to cause a denial of service (crash) by sending a zero length frame after a non-zero length frame.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- asterisk 11.0.0,
- asterisk 11.1.0,
- asterisk 11.10.0,
- asterisk 11.11.0,
- asterisk 11.12.0,
- asterisk 11.13.0,
- asterisk 11.14.0,
- asterisk 11.2.0,
- asterisk 11.3.0,
- asterisk 11.4.0,
- asterisk 11.5.0,
- asterisk 11.6.0,
- asterisk 11.7.0,
- asterisk 11.8.0,
- asterisk 11.9.0,
- asterisk 12.0.0,
- asterisk 12.1.0,
- asterisk 12.2.0,
- asterisk 12.3.0,
- asterisk 12.4.0,
- asterisk 12.5.0,
- asterisk 12.6.0,
- asterisk 12.7.0,
- asterisk 12.7.1,
- asterisk 13.0.0,
- asterisk 13.0.1,
- certified asterisk 11.6,
- certified asterisk 11.6.0
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
