Freeswitch : Security Vulnerabilities, CVEs, (Overflow)
Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse.
Max CVSS
7.5
EPSS Score
5.11%
Published
2015-10-05
Updated
2018-10-09
Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.
Max CVSS
6.8
EPSS Score
0.41%
Published
2013-09-30
Updated
2013-10-11
2 vulnerabilities found