PublicDate: 2006-04-18 20:02:00 UTC
Candidate: CVE-2006-1827
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827
Description:
 Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier
 allows remote attackers to execute arbitrary code via a length value that
 passes a length check as a negative number, but triggers a buffer overflow
 when it is used as an unsigned length.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_asterisk: released (1.2.7.1.dfsg-2ubuntu3.4)
edgy_asterisk: released (1.2.12.1.dfsg-1ubuntu1.4)
feisty_asterisk: released (1.2.16~dfsg-1ubuntu3.1)
devel_asterisk: released (1.4.11~dfsg-1)
upstream_asterisk: needs-triage