198 matches found
Code injection
Cisco Unified Communications Manager aka CUCM, formerly CallManager before 6.11 allows remote attackers to cause a denial of service voice-services outage via a malformed header in a SIP message, aka Bug ID CSCsi46466...
CVE-2009-2050
Cisco Unified Communications Manager aka CUCM, formerly CallManager before 6.11 allows remote attackers to cause a denial of service voice-services outage via a malformed header in a SIP message, aka Bug ID CSCsi46466...
CVE-2009-2050
Cisco Unified Communications Manager aka CUCM, formerly CallManager before 6.11 allows remote attackers to cause a denial of service voice-services outage via a malformed header in a SIP message, aka Bug ID CSCsi46466...
CVE-2008-3210
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service daemon crash via a SIP 1 INVITE or 2 OPTIONS message with a long domain name in a request URI, which triggers an assert error...
Stack overflow
Multiple stack-based buffer overflows in the 1 getremoteipmedia and 2 getremoteipv6media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted SIP message...
CVE-2008-2085
Multiple stack-based buffer overflows in the 1 getremoteipmedia and 2 getremoteipv6media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted SIP message...
CVE-2008-1959
Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...
Stack overflow
Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...
DEBIAN-CVE-2008-1959
Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message...
Code injection
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service device hang via 1 an empty SIP message or 2 a SIP INVITE message with a malformed To header, different vectors than CVE-2007-4553...
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the VIA Header
MADYNES Security Advisory : Remote DOS on Thomson SIP phone ST 2030 Date of Discovery 15 February, 2007 Vendor was notified on 1 March 2007 ID: KIPH8 Synopsis After sending a message where the a space is replaced by a slash after the SIP version in the VIA, the device looks functional but in fact...
Design/Logic Flaw
ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to 1 cause a denial of service call disruption and device hang via a SIP message with a malformed header and 2 cause a denial of service call disruption, false ring indication, and...
CVE-2007-3362
ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to 1 cause a denial of service call disruption and device hang via a SIP message with a malformed header and 2 cause a denial of service call disruption, false ring indication, and...
CVE-2007-3318
Buffer overflow in the Session Initiation Protocol SIP User Access Client UAC message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and earlier allows remote attackers to cause a denial of service call reception outage via a malformed SIP message...
CVE-2007-3317
The Session Initiation Protocol SIP User Access Client UAC message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and earlier allows remote attackers to cause a denial of service device crash via a malformed SIP message...
CVE-2007-2293
Multiple stack-based buffer overflows in the processsdp function in chansip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long 1 T38FaxRateManagement or 2 T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP...
Linksys RT31P2 SIP DoS
IP telephony hangs on invalid SIP message...