* You are viewing Posts Tagged ‘resolution management’

AST-2012-011: Remote Crash Vulnerability In Voice Mail Application

If a single voicemail account is manipulated by two parties simultaneously, a condition can occur where memory is freed twice causing a crash.

Management of the memory in question has been reworked so that double frees and out of bounds array access do not occur. Upgrade to the latest release.

Affected Versions

  • Product Release Series
  • Asterisk Open Source 1.8.x 1.8.11 and newer
  • Asterisk Open Source 10.x 10.3 and newer
  • Certified Asterisk 1.8.11-certx All versions
  • Asterisk Digiumphones 10.x.x-digiumphones All versions

Corrected In

  • Product Release
  • Asterisk Open Source 1.8.13.1, 10.5.2
  • Certified Asterisk 1.8.11-cert4
  • Asterisk Digiumphones 10.5.2-digiumphones