kiax: arbitrary code execution
| Package(s): | kiax | CVE #(s): | CVE-2006-2923 | ||||
| Created: | June 30, 2006 | Updated: | July 5, 2006 | ||||
| Description: | The iax_net_read function in the iaxclient library fails to properly handle IAX2 packets with truncated full frames or mini-frames. These frames are detected in a length check but processed anyway, leading to buffer overflows. | ||||||
| Alerts: |
| ||||||