Displaying 1 result from an estimated 1 matches for "ast_uri_encode".
2011 Jan 18
3
AST-2011-001: Stack buffer overflow in SIP channel driver
...made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well.
The ast_uri_encode function does not properly respect the size
of its output buffer and can write past the end of it when
encoding URIs.
Resolution The size of the output buffer passed to the ast_uri_encode
fu...