{"id":"UBUNTU-CVE-2018-12584","details":"The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.","modified":"2026-04-22T12:50:14.232933Z","published":"2018-07-16T20:29:00Z","upstream":["CVE-2018-12584"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-12584"},{"type":"REPORT","url":"http://joachimdezutter.webredirect.org/advisory.html"},{"type":"REPORT","url":"https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2018-12584"}],"affected":[{"package":{"name":"resiprocate","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/resiprocate@1:1.10.1-2ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.10.0-1","1:1.10.1-1","1:1.10.1-2","1:1.10.1-2ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"librecon-1.10","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"libresiprocate-1.10","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"libresiprocate-turn-client-1.10","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"repro","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"resiprocate-turn-server","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"resiprocate-turn-server-psql","binary_version":"1:1.10.1-2ubuntu1"},{"binary_name":"sipdialer","binary_version":"1:1.10.1-2ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12584.json"}},{"package":{"name":"resiprocate","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/resiprocate@1:1.11.0~beta5-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.11.0~beta5-1"],"ecosystem_specific":{"binaries":[{"binary_name":"librecon-1.11","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"libresiprocate-1.11","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"libresiprocate-turn-client-1.11","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"repro","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"resiprocate-turn-server","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"resiprocate-turn-server-psql","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"sipdialer","binary_version":"1:1.11.0~beta5-1"},{"binary_name":"telepathy-resiprocate","binary_version":"1:1.11.0~beta5-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12584.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}