Bug#364195: CVE-2006-1827: arbitrary code execution
sf at sfritsch.de
Fri Apr 21 20:24:16 UTC 2006
Justification: user security hole
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and
earlier allows remote attackers to execute arbitrary code via a length
value that passes a length check as a negative number, but triggers a
buffer overflow when it is used as an unsigned length.
This is fixed in 1.2.7.
Please mention the CVE-id in the changelog.
More information about the Pkg-voip-maintainers