| |
Vulnerability CVE-2007-3438
Published: 2007-06-26 Modified: 2012-02-12
| Description: |
Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361. |
CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.8/10 |
6.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
None |
Complete |
References: |
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=297& ;
http://osvdb.org/45429
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
