CVE-2007-3369

Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service device hang or reboot via an INVITE message with a long Via header...

CVE-2007-3368

CVE-2007-3368 describes a buffer overflow in the HTTP server of Polycom SoundPoint IP 601 SIP phones with BootROM 3.0.x+ that can be triggered by a malformed CGI parameter, enabling a remote attacker to cause a denial of service (device reboot). The vulnerability affects the HTTP CGI handling and...

CVE-2007-3368

Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service device reboot via a malformed CGI parameter...

CVE-2007-3369

Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service device hang or reboot via an INVITE message with a long Via header...

CVE-2006-5233

Polycom SoundPoint IP 301 VoIP Desktop Phone running firmware version 1.4.1.0040 is affected. The vulnerability allows remote attackers to cause a denial of service (reboot) by sending a long URL to the device’s HTTP daemon and through unspecified manipulations demonstrated by the Nessus http_fin...

CVE-2006-5233

Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service reboot via 1 a long URL sent to the HTTP daemon and 2 unspecified manipulations as demonstrated by the Nessus httpfingerprintinghmap.nasl script...

CVE-2002-1906

The CVE-2002-1906 issue affects Polycom ViaVideo web server versions 2.2 and 3.0. The vulnerability is a denial-of-service caused by remote attackers sending incomplete HTTP requests and keeping connections open, which leads to CPU consumption/lockups. The available connected sources (OpenVAS NAS...

CVE-2002-1905

Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service crash via a long HTTP GET request...

CVE-2002-1906

The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service CPU consumption by sending incomplete HTTP requests and leaving the connections open...

CVE-2003-0556

Polycom MGC 25 is affected by CVE-2003-0556, where a remote attacker can cause a denial of service (crash) by sending a large number of requests to control port 5003, demonstrated with the blast TCP stress tester. The issue is tied to the MGC 25’s handling of control-port requests; no patch/mitig...

CVE-2002-0626

Polycom ViewStation up to version 7.2.3 (before 7.2.4) is affected by a default null password for the administrator account, enabling unauthorized activities by any user. The vulnerability is caused by the presence of a default credential and results in complete confidentiality, integrity, and av...