CVE-2007-4291
6.9 Medium
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.062 Low
EPSS
Percentile
93.5%
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption.
References
osvdb.org/36677
osvdb.org/36678
osvdb.org/36679
osvdb.org/36680
osvdb.org/36681
secunia.com/advisories/26363
securitytracker.com/id?1018533
www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml
www.securityfocus.com/bid/25239
www.vupen.com/english/advisories/2007/2816
exchange.xforce.ibmcloud.com/vulnerabilities/35903
exchange.xforce.ibmcloud.com/vulnerabilities/35904
exchange.xforce.ibmcloud.com/vulnerabilities/35905
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5570
Social References
More
Related
6.9 Medium
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.062 Low
EPSS
Percentile
93.5%