{"url":"http://public2.vulnerablecode.io/api/packages/336578?format=json","purl":"pkg:ebuild/net-misc/asterisk@1.8.8.2","type":"ebuild","namespace":"net-misc","name":"asterisk","version":"1.8.8.2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.8.10.1","latest_non_vulnerable_version":"18.26.3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81368?format=json","vulnerability_id":"VCID-8e1f-41mn-3bh4","summary":"chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0885","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77906","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656596","reference_id":"656596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656596"},{"reference_url":"https://security.gentoo.org/glsa/201202-06","reference_id":"GLSA-201202-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201202-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/336578?format=json","purl":"pkg:ebuild/net-misc/asterisk@1.8.8.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/asterisk@1.8.8.2"}],"aliases":["CVE-2012-0885"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8e1f-41mn-3bh4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/asterisk@1.8.8.2"}