Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-9bs1-zeq7-jfaa

Summary Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header.

Aliases

alias	CVE-2012-1184

Fixed_packages

url	pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid
purl	pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gh5j-yza2-v3fu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid

url	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
purl	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid

url	pkg:ebuild/net-misc/asterisk@1.8.10.1
purl	pkg:ebuild/net-misc/asterisk@1.8.10.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/asterisk@1.8.10.1

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1184

reference_id

reference_type

scores

value	0.37421
scoring_system	epss
scoring_elements	0.97256
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411
reference_id	664411
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt
reference_id	CVE-2012-1184;OSVDB-80126
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt

reference_url	https://security.gentoo.org/glsa/201203-21
reference_id	GLSA-201203-21
reference_type
scores
url	https://security.gentoo.org/glsa/201203-21

Weaknesses

Exploits

date_added	2012-05-10
description	Asterisk - 'ast_parse_digest()' Stack Buffer Overflow (PoC)
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2012-03-15
exploit_type	dos
platform	linux
source_date_updated	2012-05-10
data_source	Exploit-DB
source_url

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9bs1-zeq7-jfaa

Vulnerability Instance