Vulnerabilities (CVE)

Filtered by vendor Yate Subscribe
Filtered by product Yet Another Telephony Engine
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1693 1 Yate 1 Yet Another Telephony Engine 2024-02-04 7.8 HIGH N/A
The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter.