Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow.
See the Digium vendor hub and the Asterisk product page for the weakness, vendor, and product context surrounding CVE-2006-5444.
Compare it with CVE-2022-26651, CVE-2022-26499 and CVE-2023-49786 for nearby disclosures in the same product family.
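The bug class in the summary above (a length field that passes a signed comparison and is then used as a byte count), shown beside a hardened check. This is an added example, not code from chan_skinny.c or the Asterisk project; the function names, the 1000-byte buffer, the 4-byte little-endian length prefix and the sample headers are all constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 1000 /* constructed receive-buffer size */
#define HDR_SIZE 4    /* constructed: 4-byte little-endian length prefix */

/* Decode the length prefix exactly as it arrives on the wire. */
static uint32_t wire_len(const unsigned char *hdr) {
    return (uint32_t)hdr[0] | (uint32_t)hdr[1] << 8 |
           (uint32_t)hdr[2] << 16 | (uint32_t)hdr[3] << 24;
}

/* Weak form: signed length, upper bound only. Returns 1 when accepted and
 * stores the byte count a later read()/memcpy() would be handed. */
int check_signed(const unsigned char *hdr, size_t *read_size) {
    uint32_t raw = wire_len(hdr);
    int32_t dlen;
    memcpy(&dlen, &raw, sizeof dlen);   /* same bits, signed view */
    if (dlen > BUF_SIZE - HDR_SIZE)     /* a negative dlen passes this */
        return 0;
    *read_size = (size_t)dlen;          /* negative becomes a huge count */
    return 1;
}

/* Hardened form: keep the length unsigned so there is no negative range,
 * and compare against the space actually left in the buffer. */
int check_hardened(const unsigned char *hdr, size_t *read_size) {
    uint32_t dlen = wire_len(hdr);
    if (dlen > (uint32_t)(BUF_SIZE - HDR_SIZE))
        return 0;
    *read_size = dlen;
    return 1;
}

int main(void) {
    /* Constructed headers: 16, 1001, and 0xffffffff (-1 when signed). */
    const unsigned char samples[3][4] = {
        {0x10, 0, 0, 0}, {0xe9, 0x03, 0, 0}, {0xff, 0xff, 0xff, 0xff}};
    for (int i = 0; i < 3; i++) {
        size_t a = 0, b = 0;
        int s = check_signed(samples[i], &a);
        int h = check_hardened(samples[i], &b);
        printf("len=0x%08x signed:%d (%zu bytes) hardened:%d (%zu bytes)\n",
               (unsigned)wire_len(samples[i]), s, a, h, b);
    }
    return 0;
}
```

Neither function copies any data; they only report whether the length would be accepted, so the difference between the two checks can be observed safely.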