1126 matches found
CVE-2007-4553
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service device hang via an INVITE message with a Via header that contains a '/' slash instead of the required space following the SIP version number...
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 SIP Phone - SIP Invite Message Remote Denial of Service source: https://www.securityfocus.com/bid/25446/info Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages. Exploiting this...
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
source: https://www.securityfocus.com/bid/25446/info Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages. Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying...
CVE-2007-4498
The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service blocked call reception via a certain SIP INVITE message followed by a...
Code injection
Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.70, allows remote attackers to cause a denial of service device reboot via 1 a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or 2 a certain invalid SIP INVITE message that contains a remote...
CVE-2007-4382
CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote attackers to cause a denial of service device crash via a SIP INVITE message without a Content-Type header...
Type confusion
CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote attackers to cause a denial of service device crash via a SIP INVITE message without a Content-Type header...
CVE-2007-4382
CVE-2007-4382 affects CounterPath X-Lite 3.0 34025 and possibly eyeBeam, where a SIP INVITE message lacking a Content-Type header can cause a device crash (remote denial of service). The available documents confirm the vulnerable component and the attack vector (SIP INVITE without Content-Type) a...
CVE-2007-4382
CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote attackers to cause a denial of service device crash via a SIP INVITE message without a Content-Type header...
CVE-2007-4366
WengoPhone 2.1 allows remote attackers to cause a denial of service device crash via a SIP INVITE message without a Content-Type header...
CVE-2007-4366
CVE-2007-4366 affects WengoPhone 2.1. It allows remote attackers to cause a denial of service (device crash) by sending a SIP INVITE message lacking a Content-Type header. The available documents confirm the affected product/version and the root cause (malformed SIP INVITE), with the impact descr...
CVE-2007-4366
WengoPhone 2.1 allows remote attackers to cause a denial of service device crash via a SIP INVITE message without a Content-Type header...
Design/Logic Flaw
The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service temporary device hang by sending a certain SIP INVITE message, but not providing an ACK when the call is answered...
Format string
Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service blocked call reception and calling via format string specifiers in an SIP INVITE message that lacks a host name in the Contact header...
Code injection
AOL Instant Messenger AIM 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service application crash via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350...
CVE-2007-3445
Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service device hang and call termination via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351...
CVE-2007-3437
AOL Instant Messenger AIM 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service application crash via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350...
Design/Logic Flaw
Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service resource consumption via a flood of SIP INVITE requests to the port specified for voice conversation...
Buffer overflow
Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service device hang and call termination via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351...
CVE-2007-3444
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service blocked call reception via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of th...