CVE-2003-0761 : Buffer overflow in the get_msg_text of chan

Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.

Published 2003-09-17 04:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2003-0761

Digium » Asterisk » Version: 1.2.13
cpe:2.3:a:digium:asterisk:1.2.13:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2003-0761

EPSS FAQ

0.13%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 29 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2003-0761

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2003-0761

http://www.atstake.com/research/advisories/2003/a090403-1.txt

Exploit;Vendor Advisory

Jump to

Vulnerability Details : CVE-2003-0761

Products affected by CVE-2003-0761

Exploit prediction scoring system (EPSS) score for CVE-2003-0761

CVSS scores for CVE-2003-0761

References for CVE-2003-0761