CVE-2011-1147 [Medium] | Memory Corruption in Asterisk

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	3.42%	3.52%	+0.10%
2	2025-09-14	2.83%	3.42%	+0.59%
3	2025-03-30	—	2.83%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

3.42%

3.52%

+0.10%

2025-09-14

2.83%

3.42%

+0.59%

2025-03-30

—

2.83%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.8	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	8.6	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.8

2.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

8.6

6.4

[email protected]

OS Trackers for CVE-2011-1147

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2011-1147 not yet assigned priority: Debian including 1 source packages (asterisk), 2 status rows across 2 suites (bullseye, sid): resolved 2.	https://security-tracker.debian.org/tracker/CVE-2011-1147
`gentoo`	high	CVE-2011-1147: 1 GLSA(s) (201110-21), 1 atom(s) (net-misc/asterisk); latest impact high.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2011-1147
`ubuntu`	medium	CVE-2011-1147 medium priority: Ubuntu including 1 source packages (asterisk), 7 status rows across 7 suites (dapper, hardy, karmic, lucid, maverick, natty, upstream): released 4, ignored 3.	https://ubuntu.com/security/CVE-2011-1147

Affected software / configurations for CVE-2011-1147

Vendor	Product	Version	Raw CPE
digium	asterisk	1.4.0	cpe:2.3:a:digium:asterisk:1.4.0:::::::*
digium	asterisk	1.4.0	cpe:2.3:a:digium:asterisk:1.4.0:beta1::::::
digium	asterisk	1.4.0	cpe:2.3:a:digium:asterisk:1.4.0:beta2::::::
digium	asterisk	1.4.0	cpe:2.3:a:digium:asterisk:1.4.0:beta3::::::
digium	asterisk	1.4.0	cpe:2.3:a:digium:asterisk:1.4.0:beta4::::::
digium	asterisk	1.4.1	cpe:2.3:a:digium:asterisk:1.4.1:::::::*
digium	asterisk	1.4.2	cpe:2.3:a:digium:asterisk:1.4.2:::::::*
digium	asterisk	1.4.3	cpe:2.3:a:digium:asterisk:1.4.3:::::::*
digium	asterisk	1.4.10	cpe:2.3:a:digium:asterisk:1.4.10:::::::*
digium	asterisk	1.4.10.1	cpe:2.3:a:digium:asterisk:1.4.10.1:::::::*
digium	asterisk	1.4.11	cpe:2.3:a:digium:asterisk:1.4.11:::::::*
digium	asterisk	1.4.12	cpe:2.3:a:digium:asterisk:1.4.12:::::::*
digium	asterisk	1.4.12.1	cpe:2.3:a:digium:asterisk:1.4.12.1:::::::*
digium	asterisk	1.4.13	cpe:2.3:a:digium:asterisk:1.4.13:::::::*
digium	asterisk	1.4.14	cpe:2.3:a:digium:asterisk:1.4.14:::::::*
digium	asterisk	1.4.15	cpe:2.3:a:digium:asterisk:1.4.15:::::::*
digium	asterisk	1.4.16	cpe:2.3:a:digium:asterisk:1.4.16:::::::*
digium	asterisk	1.4.16.1	cpe:2.3:a:digium:asterisk:1.4.16.1:::::::*
digium	asterisk	1.4.16.2	cpe:2.3:a:digium:asterisk:1.4.16.2:::::::*
digium	asterisk	1.4.17	cpe:2.3:a:digium:asterisk:1.4.17:::::::*
digium	asterisk	1.4.18	cpe:2.3:a:digium:asterisk:1.4.18:::::::*
digium	asterisk	1.4.19	cpe:2.3:a:digium:asterisk:1.4.19:::::::*
digium	asterisk	1.4.19	cpe:2.3:a:digium:asterisk:1.4.19:rc1::::::
digium	asterisk	1.4.19	cpe:2.3:a:digium:asterisk:1.4.19:rc2::::::
digium	asterisk	1.4.19	cpe:2.3:a:digium:asterisk:1.4.19:rc3::::::
digium	asterisk	1.4.19	cpe:2.3:a:digium:asterisk:1.4.19:rc4::::::
digium	asterisk	1.4.19.1	cpe:2.3:a:digium:asterisk:1.4.19.1:::::::*
digium	asterisk	1.4.19.2	cpe:2.3:a:digium:asterisk:1.4.19.2:::::::*
digium	asterisk	1.4.20	cpe:2.3:a:digium:asterisk:1.4.20:::::::*
digium	asterisk	1.4.20	cpe:2.3:a:digium:asterisk:1.4.20:rc1::::::
digium	asterisk	1.4.20	cpe:2.3:a:digium:asterisk:1.4.20:rc2::::::
digium	asterisk	1.4.20	cpe:2.3:a:digium:asterisk:1.4.20:rc3::::::
digium	asterisk	1.4.20.1	cpe:2.3:a:digium:asterisk:1.4.20.1:::::::*
digium	asterisk	1.4.21	cpe:2.3:a:digium:asterisk:1.4.21:::::::*
digium	asterisk	1.4.21	cpe:2.3:a:digium:asterisk:1.4.21:rc1::::::
digium	asterisk	1.4.21	cpe:2.3:a:digium:asterisk:1.4.21:rc2::::::
digium	asterisk	1.4.21.1	cpe:2.3:a:digium:asterisk:1.4.21.1:::::::*
digium	asterisk	1.4.21.2	cpe:2.3:a:digium:asterisk:1.4.21.2:::::::*
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:::::::*
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:rc1::::::
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:rc2::::::
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:rc3::::::
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:rc4::::::
digium	asterisk	1.4.22	cpe:2.3:a:digium:asterisk:1.4.22:rc5::::::
digium	asterisk	1.4.22.1	cpe:2.3:a:digium:asterisk:1.4.22.1:::::::*
digium	asterisk	1.4.22.2	cpe:2.3:a:digium:asterisk:1.4.22.2:::::::*
digium	asterisk	1.4.23	cpe:2.3:a:digium:asterisk:1.4.23:::::::*
digium	asterisk	1.4.23	cpe:2.3:a:digium:asterisk:1.4.23:rc1::::::
digium	asterisk	1.4.23	cpe:2.3:a:digium:asterisk:1.4.23:rc2::::::
digium	asterisk	1.4.23	cpe:2.3:a:digium:asterisk:1.4.23:rc3::::::
digium	asterisk	1.4.23	cpe:2.3:a:digium:asterisk:1.4.23:rc4::::::
digium	asterisk	1.4.23.1	cpe:2.3:a:digium:asterisk:1.4.23.1:::::::*
digium	asterisk	1.4.23.2	cpe:2.3:a:digium:asterisk:1.4.23.2:::::::*
digium	asterisk	1.4.24	cpe:2.3:a:digium:asterisk:1.4.24:::::::*
digium	asterisk	1.4.24	cpe:2.3:a:digium:asterisk:1.4.24:rc1::::::
digium	asterisk	1.4.24.1	cpe:2.3:a:digium:asterisk:1.4.24.1:::::::*
digium	asterisk	1.4.25	cpe:2.3:a:digium:asterisk:1.4.25:::::::*
digium	asterisk	1.4.25	cpe:2.3:a:digium:asterisk:1.4.25:rc1::::::
digium	asterisk	1.4.25.1	cpe:2.3:a:digium:asterisk:1.4.25.1:::::::*
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:::::::*
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc1::::::
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc2::::::
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc3::::::
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc4::::::
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc5::::::
digium	asterisk	1.4.26	cpe:2.3:a:digium:asterisk:1.4.26:rc6::::::
digium	asterisk	1.4.26.1	cpe:2.3:a:digium:asterisk:1.4.26.1:::::::*
digium	asterisk	1.4.26.2	cpe:2.3:a:digium:asterisk:1.4.26.2:::::::*
digium	asterisk	1.4.26.3	cpe:2.3:a:digium:asterisk:1.4.26.3:::::::*
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:::::::*
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:rc1::::::
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:rc2::::::
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:rc3::::::
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:rc4::::::
digium	asterisk	1.4.27	cpe:2.3:a:digium:asterisk:1.4.27:rc5::::::
digium	asterisk	1.4.27.1	cpe:2.3:a:digium:asterisk:1.4.27.1:::::::*
digium	asterisk	1.4.28	cpe:2.3:a:digium:asterisk:1.4.28:::::::*
digium	asterisk	1.4.28	cpe:2.3:a:digium:asterisk:1.4.28:rc1::::::
digium	asterisk	1.4.29	cpe:2.3:a:digium:asterisk:1.4.29:::::::*
digium	asterisk	1.4.29	cpe:2.3:a:digium:asterisk:1.4.29:rc1::::::

References for CVE-2011-1147

URL	Tags
http://downloads.asterisk.org/pub/security/AST-2011-002.html	Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html	Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html	Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html	Patch
http://secunia.com/advisories/43429	Vendor Advisory
http://secunia.com/advisories/43702	Vendor Advisory
http://www.debian.org/security/2011/dsa-2225
http://www.openwall.com/lists/oss-security/2011/03/11/2
http://www.openwall.com/lists/oss-security/2011/03/11/8
http://www.securityfocus.com/bid/46474
http://www.securitytracker.com/id?1025101
http://www.vupen.com/english/advisories/2011/0635	Vendor Advisory

URL

CVE-2011-1147

Exploit prediction scoring system (EPSS) score for CVE-2011-1147

Common vulnerability scoring system (CVSS) metrics for CVE-2011-1147

Weakness enumeration for CVE-2011-1147

OS Trackers for CVE-2011-1147

Affected software / configurations for CVE-2011-1147

References for CVE-2011-1147