[CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2

Posted by Joachim De Zutter on Aug 08CVE ID: CVE-2018-12584

TIMELINE

Bug report with test code sent to main reSIProcate developers: 2018-06-15
Patch created by Scott Godin: 2018-06-18
CVE ID assigned: 2018-06-19
Patch committed to reSIProcate repository: 2018-06-21
Advisory first published on website: 2018-06-22
Advisory sent to Bugtraq mailing list: 2018-08-08

DESCRIPTION

A heap overflow can be triggered in the reSIProcate SIP stack when TLS is
enabled….

Link: http://seclists.org/bugtraq/2018/Aug/14