CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1125 matches found

Cvelist•added 2007/06/27 12:0 a.m.•26 views

CVE-2007-3445

Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service device hang and call termination via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351...

6.7AI score0.0132EPSS

Exploits0References3

Cvelist•added 2007/06/27 12:0 a.m.•22 views

CVE-2007-3444

The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service blocked call reception via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of th...

6.7AI score0.0187EPSS

Exploits0References7

CVE•added 2007/06/27 12:0 a.m.•36 views

CVE-2007-3445

CVE-2007-3445 concerns a buffer overflow in SJ Labs SJphone 1.60.303c on Windows Mobile 2003 (noted on the Samsung SCH-i730 in the initial description) that can be triggered by a malformed SIP INVITE message, resulting in a denial of service (device hang and call termination). The connected docum...

4.3CVSS6.7AI score0.0132EPSS

Exploits0References3Affected Software1

CVE•added 2007/06/27 12:0 a.m.•36 views

CVE-2007-3436

The CVE-2007-3436 entry affects Microsoft MSN Messenger 4.7 on Windows XP, where remote attackers can cause a denial of service through a flood of SIP INVITE requests to the voice-conversation port, resulting in resource consumption. The available documents describe the affected product, the vuln...

5CVSS6.7AI score0.12656EPSS

Exploits0References3Affected Software1

CVE•added 2007/06/27 12:0 a.m.•42 views

CVE-2007-3442

The CVE-2007-3442 entry concerns Research in Motion BlackBerry 7270 prior to 4.0 SP1 Bundle 108. A format-string vulnerability in SIP INVITE messages that lack a host name in the Contact header can allow remote attackers to cause a denial of service by blocking call reception and calling. Affecte...

2.3CVSS6.6AI score0.00669EPSS

Exploits0References6Affected Software1

Prion•added 2007/06/22 6:30 p.m.•10 views

Buffer overflow

Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service device hang or reboot via an INVITE message with a long Via header...

7.8CVSS7.3AI score0.02221EPSS

Exploits0References7Affected Software1

Prion•added 2007/06/22 6:30 p.m.•17 views

Design/Logic Flaw

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

7.8CVSS6.8AI score0.01671EPSS

Exploits0References6Affected Software2

Prion•added 2007/06/22 6:30 p.m.•15 views

Code injection

The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service device hang and traffic amplification via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets...

7.8CVSS6.8AI score0.01602EPSS

Exploits0References3Affected Software1

Prion•added 2007/06/22 6:30 p.m.•12 views

Design/Logic Flaw

AOL Instant Messenger AIM 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service application hang via a flood of spoofed SIP INVITE requests...

7.8CVSS6.8AI score0.01619EPSS

Exploits0References4Affected Software1

NVD•added 2007/06/22 6:30 p.m.•14 views

CVE-2007-3369

7.8CVSS6.9AI score0.02221EPSS

Exploits0References7

NVD•added 2007/06/22 6:30 p.m.•15 views

CVE-2007-3350

AOL Instant Messenger AIM 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service application hang via a flood of spoofed SIP INVITE requests...

7.8CVSS6.5AI score0.01619EPSS

Exploits0References4

NVD•added 2007/06/22 6:30 p.m.•24 views

CVE-2007-3351

7.8CVSS6.4AI score0.01602EPSS

Exploits0References3

NVD•added 2007/06/22 6:30 p.m.•19 views

CVE-2007-3348

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

7.8CVSS6.6AI score0.01671EPSS

Exploits0References6

Cvelist•added 2007/06/22 6:0 p.m.•29 views

CVE-2007-3348

The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...

6.6AI score0.01671EPSS

Exploits0References6

Cvelist•added 2007/06/22 6:0 p.m.•17 views

CVE-2007-3350

AOL Instant Messenger AIM 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service application hang via a flood of spoofed SIP INVITE requests...

6.5AI score0.01619EPSS

Exploits0References4

CVE•added 2007/06/22 6:0 p.m.•54 views

CVE-2007-3348

The CVE-2007-3348 entry concerns D-Link DPH-540/DPH-541 phones. Affected component: the SIP handling code where a malformed SDP header in a SIP INVITE can be used by remote attackers to trigger a device denial of service. This is described in NVD/CVE records with a CVSS v2 base score of 7.8 (HIGH...

7.8CVSS6.6AI score0.01671EPSS

Exploits0References6Affected Software2

CVE•added 2007/06/22 6:0 p.m.•49 views

CVE-2007-3347

The CVE-2007-3347 entry concerns the D-Link DPH-540/DPH-541 SIP phones. The issue is that these phones accept SIP INVITE messages that originate outside the Call Server’s IP, enabling remote attackers to initiate arbitrary SIP communication with the device. A demonstrated effect is communication ...

7.8CVSS6.8AI score0.01254EPSS

Exploits0References5Affected Software2

Cvelist•added 2007/06/21 6:0 p.m.•18 views

CVE-2007-3320

The Avaya 4602SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact...

7AI score0.01403EPSS

Exploits0References6