CVE-2022-24793|PJSIP is a free and open source... - VULHUB开源网络安全威胁库

PJSIP is a free and open source... CVE-2022-24793

4.3 AV AC AU C I A

发布： 2022-04-06

修订： 2024-11-21

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record `parse_rr()`, while the issue in CVE-2023-27585 is in `parse_query()`. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver instead.

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有4条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

PJSIP is a free and open source... CVE-2022-24793

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单查看更多>

PJSIP is a free and open source... CVE-2022-24793

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单 查看更多>

相关漏洞清单查看更多>