Unrated severityNVD Advisory· Published Sep 22, 2003· Updated Jun 16, 2026

CVE-2003-0779

Description

SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.

Affected products

Digium/Asterisk7 versions
cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:0.4:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.atstake.com/research/advisories/2003/a091103-1.txtnvdExploitVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000