Lucene search

[email protected]CVE-2006-0359

HistoryJan 22, 2006 - 8:03 p.m.

CVE-2006-0359

2006-01-2220:03:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-0359

buffer overflow

counterpath

eyebeam

sip softphone

denial of service

remote attackers

nvd

8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.471 Medium

EPSS

Percentile

97.4%

JSON

Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call.

CPENameOperatorVersion
counterpath:eyebeam_sip_softphonecounterpath eyebeam sip softphoneeq*

CPE	Name	Operator	Version
counterpath:eyebeam_sip_softphone	counterpath eyebeam sip softphone	eq	*

References

blog.donews.com/zwell/archive/2006/01/17/698810.aspx

secunia.com/advisories/18516

securityreason.com/securityalert/354

www.securityfocus.com/archive/1/422009/100/0/threaded

www.securityfocus.com/archive/1/446573/100/0/threaded

www.securityfocus.com/bid/16253

www.vupen.com/english/advisories/2006/0259

exchange.xforce.ibmcloud.com/vulnerabilities/24181

8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.471 Medium

EPSS

Percentile

97.4%

JSON

Related for CVE-2006-0359

prion1