VYPR
Unrated severityNVD Advisory· Published Mar 22, 2007· Updated Jun 16, 2026

CVE-2007-1595

CVE-2007-1595

Description

The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.

Affected products

2
  • Asterisk/Asterisk2 versions
    cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.