{"url":"http://public2.vulnerablecode.io/api/packages/339435?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","type":"deb","namespace":"debian","name":"asterisk","version":"1:1.8.10.0~dfsg-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.8.11.1~dfsg-1","latest_non_vulnerable_version":"1:22.9.0+dfsg+~cs6.16.60671434-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81393?format=json","vulnerability_id":"VCID-9bs1-zeq7-jfaa","summary":"Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1184","reference_id":"","reference_type":"","scores":[{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97256","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411","reference_id":"664411","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt","reference_id":"CVE-2012-1184;OSVDB-80126","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt"},{"reference_url":"https://security.gentoo.org/glsa/201203-21","reference_id":"GLSA-201203-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/339435?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/339387?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gh5j-yza2-v3fu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/339389?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid"}],"aliases":["CVE-2012-1184"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9bs1-zeq7-jfaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81392?format=json","vulnerability_id":"VCID-r8qs-axpa-dfcq","summary":"Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x before 1.4.44, 1.6.x before 1.6.2.23, 1.8.x before 1.8.10.1, and 10.x before 10.2.1, when the o option is used and the internal_timing option is off, allows remote attackers to cause a denial of service (application crash) via a large number of samples in an audio packet.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1183","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44497","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1183"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411","reference_id":"664411","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411"},{"reference_url":"https://security.gentoo.org/glsa/201203-21","reference_id":"GLSA-201203-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/339435?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/339387?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gh5j-yza2-v3fu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/339389?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid"}],"aliases":["CVE-2012-1183"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8qs-axpa-dfcq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"}