CRITICAL🇵🇱 Wersja polska

CVE-2015-2003

CVSS 9.8v3.0pub. 2018-03-29upd. 2024-11-21

The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Pjsip Pjsua2 Sdk

    APP
    Pjsip
    < 51322
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-24786CRITICAL9.8ten sam vendor

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior d...

CVE-2026-40614HIGH8.5ten sam vendor

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a...

CVE-2026-40892HIGH8.1ten sam vendor

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack bu...

CVE-2026-32942HIGH8.0ten sam vendor

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain...

CVE-2026-32945HIGH8.4ten sam vendor

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a ...