CVE-2007-1595

EPSS 0.85%

Published: 3/22/2007Modified: 4/28/2026

Description

The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.

Affected packages (1)

Debian/asteriskfrom 0, < 1:1.4.0~dfsg-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-1595