{"url":"http://public2.vulnerablecode.io/api/packages/88531?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","type":"deb","namespace":"debian","name":"asterisk","version":"1:1.8.10.0~dfsg-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.8.11.1~dfsg-1","latest_non_vulnerable_version":"1:22.9.0+dfsg+~cs6.16.60671434-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58907?format=json","vulnerability_id":"VCID-bt6h-dkwf-h7dm","summary":"Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1184","reference_id":"","reference_type":"","scores":[{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97267","published_at":"2026-06-04T12:55:00Z"},{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97272","published_at":"2026-06-05T12:55:00Z"},{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97273","published_at":"2026-06-06T12:55:00Z"},{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97274","published_at":"2026-06-07T12:55:00Z"},{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97275","published_at":"2026-06-08T12:55:00Z"},{"value":"0.37421","scoring_system":"epss","scoring_elements":"0.97276","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1184"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411","reference_id":"664411","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt","reference_id":"CVE-2012-1184;OSVDB-80126","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18855.txt"},{"reference_url":"https://security.gentoo.org/glsa/201203-21","reference_id":"GLSA-201203-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88531?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/88483?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-341r-eamh-fbee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/88485?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid"}],"aliases":["CVE-2012-1184"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bt6h-dkwf-h7dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58906?format=json","vulnerability_id":"VCID-ykhc-wcyu-5kfc","summary":"Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x before 1.4.44, 1.6.x before 1.6.2.23, 1.8.x before 1.8.10.1, and 10.x before 10.2.1, when the o option is used and the internal_timing option is off, allows remote attackers to cause a denial of service (application crash) via a large number of samples in an audio packet.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1183","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44494","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44564","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44572","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4455","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44516","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4453","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1183"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411","reference_id":"664411","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664411"},{"reference_url":"https://security.gentoo.org/glsa/201203-21","reference_id":"GLSA-201203-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88531?format=json","purl":"pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/88483?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-341r-eamh-fbee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/88485?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid"}],"aliases":["CVE-2012-1183"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykhc-wcyu-5kfc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.8.10.0~dfsg-1%3Fdistro=sid"}