{"id":"CVE-2019-12827","details":"Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.","modified":"2026-04-10T04:12:06.391733Z","published":"2019-07-12T20:15:11.063Z","references":[{"type":"ADVISORY","url":"http://downloads.digium.com/pub/security/AST-2019-002.html"},{"type":"ADVISORY","url":"https://issues.asterisk.org/jira/browse/ASTERISK-28447"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/asterisk/asterisk","events":[{"introduced":"85335355efb2d7914a1fe20ed31afcef15fd210c"},{"fixed":"152d446befb93f64883b156cb58aea105d629423"},{"introduced":"d4cc63728def7ca06ad3f70547de87bc5c9ef7c0"},{"fixed":"1d47a3c5b8bd961ed026602889c158566eebf9b1"},{"introduced":"a65908f83e2f17a3aca7eb39c8e06045aca02674"},{"fixed":"a069c71f7ff8514aed0c36db990db35a71c98032"},{"introduced":"0"},{"last_affected":"d661052e6d2eddae58bec5a04229c105d11e18f4"},{"introduced":"0"},{"last_affected":"a9315f8d1a0e83f728fc70648f3c72a0c8bf6699"},{"introduced":"0"},{"last_affected":"474a6af80b583236e4f98723b0b9b74b25ad1b7d"},{"introduced":"0"},{"last_affected":"742007f881f8cb04fe543fba4dbe5404589d9f14"},{"introduced":"0"},{"last_affected":"ab699aa653ffbf9efe11fef940dd2cb0a80b075e"}],"database_specific":{"versions":[{"introduced":"13.0.0"},{"fixed":"13.27.0"},{"introduced":"15.0.0"},{"fixed":"15.7.2"},{"introduced":"16.0.0"},{"fixed":"16.4.0"},{"introduced":"0"},{"last_affected":"13.21-cert1"},{"introduced":"0"},{"last_affected":"13.21-cert1\\-rc1"},{"introduced":"0"},{"last_affected":"13.21-cert1\\-rc2"},{"introduced":"0"},{"last_affected":"13.21-cert2"},{"introduced":"0"},{"last_affected":"13.21-cert3"}]}}],"versions":["13.21.0-rc1","13.27.0-rc1","15.7.0-rc1","16.4.0-rc1","certified/13.21-cert1","certified/13.21-cert1-rc1","certified/13.21-cert1-rc2","certified/13.21-cert2","certified/13.21-cert3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12827.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}