CVE-2016-2316

MEDIUM Year: 2016
CVSS v3 Score
5.9
Medium
CVSS v2 Score
7.1
High
Weakness Type
CWE-191
View all →

Vulnerability Description

chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values.

Related Vulnerabilities

CVE-2021-2390

MEDIUM
CVSS:5.9(Medium)

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows...

CWE-1912021

CVE-2025-47256

MEDIUM
CVSS:5.6(Medium)

Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file.

CWE-1912025

CVE-2020-11906

MEDIUM
CVSS:6.3(Medium)

The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.

CWE-1912020

CVE-2015-1208

MEDIUM
CVSS:5.5(Medium)

Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 f...

CWE-1912015

CVE-2017-13666

MEDIUM
CVSS:5.5(Medium)

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can ...

CWE-1912017

CVE-2017-15874

MEDIUM
CVSS:5.5(Medium)

archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.

CWE-1912017