CVE-2013-2238
FreeSWITCH 1.2 - Buffer Overflow in switch_perform_substitution
Title source: llmDescription
Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.
References (2)
Core 2
Core References
Exploit, Patch x_refsource_confirm
http://jira.freeswitch.org/browse/FS-5566
Patch mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/07/04/4
Scores
EPSS
0.0271
EPSS Percentile
84.2%
Details
CWE
CWE-119
Status
published
Products (1)
freeswitch/freeswitch
1.2
Published
Sep 30, 2013
Tracked Since
Feb 18, 2026