CVE-2014-6610

EPSS 1.5%

Published: 11/26/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2014-6610

Description

Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dialplan application.

Affected packages (1)

Debian/asteriskfrom 0, < 1:11.12.1~dfsg-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-6610