4 matches found
CVE-2008-1248
The affected product is the Snom 320 SIP Phone. The vulnerability exists in the web interface (web server on port 1800) that allows remote attackers to place calls to arbitrary numbers via the "Call a number" field. Root cause details are not explicitly provided in the documents beyond this behav...
CVE-2008-1251
The CVE-2008-1251 entry concerns a Cross-site Scripting (XSS) vulnerability in the web interface of the central phone server for the Snom 320 SIP Phone. The vulnerability could allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Per the connected data, the CVSS ...
CVE-2008-1250
The CVE-2008-1250 case concerns the web interface of the central phone server in the Snom 320 SIP Phone. It describes multiple CSRF vulnerabilities that allow remote attackers to perform actions as the phone user, demonstrated by inserting an address-book entry containing an XSS sequence. The ava...
CVE-2008-1249
CVE-2008-1249 affects snomControl.swf in the central phone server of the Snom 320 SIP Phone. A crafted input sequence in the "Call a number" field ("'); (double quote, quote, close parenthesis, semicolon)) can cause remote denial of service, resulting in an application crash and corruption of cal...