Lucene search

[email protected]CVE-2007-3368

HistoryJun 22, 2007 - 6:30 p.m.

CVE-2007-3368

2007-06-2218:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

polycom

sip

phone

http

server

buffer overflow

denial of service

cve-2007-3368

7.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.011 Low

EPSS

Percentile

84.1%

JSON

Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter.

CPENameOperatorVersion
polycom:soundpoint_ip_650polycom soundpoint ip 650eqbootrom_3.0.0

CPE	Name	Operator	Version
polycom:soundpoint_ip_650	polycom soundpoint ip 650	eq	bootrom_3.0.0

References

osvdb.org/37611

www.polycom.com/common/documents/support/downloads/voice/soundpoint_ip_soundstation_ip_sip_2.1.1_release_notes.pdf

www.securityfocus.com/bid/24547

www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=273&

7.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for CVE-2007-3368

prion1