GCVE - cpe:2.3:a:digium:asterisk:1.0.10:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:digium:asterisk:1.0.10:*:*:*:*:*:*:*

part: a version: 1.0.10 update: *

Vendor	Digium (`05ad29b7-5b41-56d5-935d-a279ab7f14bc`)
Product	Asterisk (`a75a6886-b0b4-5160-9cfa-f749f3c86956`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/asterisk/asterisk`	purl2cpe	2026-06-01 10:15:41.724036

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-5444`	vulnerable	2026-06-08 04:49:20.517013	Details available Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow. Published: 2006-10-23T17:00:00.000Z Updated: 2024-08-07T19:48:30.383Z Open on db.gcve.eu Reference links http://secunia.com/advisories/22480 http://ftp.digium.com/pub/asterisk/releases/ChangeLog-1.2.13 http://www.us.debian.org/security/2006/dsa-1229 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://www.novell.com/linux/security/advisories/2006_69_asterisk.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-4345`	vulnerable	2026-06-08 04:49:17.661134	Details available Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response. Published: 2006-08-24T20:00:00.000Z Updated: 2024-08-07T19:06:07.392Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/3372 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://labs.musecurity.com/advisories/MU-200608-01.txt http://secunia.com/advisories/22651 http://www.securityfocus.com/bid/19683	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2898`	vulnerable	2026-06-08 04:49:07.807274	Details available The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negative length check. NOTE: the vendor advisory claims that only a DoS is possible, but the original researcher is reliable. Published: 2006-06-07T10:00:00.000Z Updated: 2024-08-07T18:06:27.038Z Open on db.gcve.eu Reference links http://securitytracker.com/id?1016236 http://www.debian.org/security/2006/dsa-1126 http://secunia.com/advisories/20899 http://secunia.com/advisories/20658 https://exchange.xforce.ibmcloud.com/vulnerabilities/27045	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.