FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected packages
libosip2 <= 5.0.0

Details

VuXML ID 15a62f22-098a-443b-94e2-2d26c375b993
Discovery 2017-04-13
Entry 2017-10-11

osip developers reports:

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.

[source]

References

CVE Name CVE-2017-7853
URL http://www.securityfocus.com/bid/97644
URL https://savannah.gnu.org/support/index.php?109265

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.