Lucene search

[email protected]CVE-2003-1111

HistoryMar 11, 2005 - 5:00 a.m.

CVE-2003-1111

2005-03-1105:00:00

[email protected]

web.nvd.nist.gov

sip

dynamicsoft

denial of service

remote attackers

arbitrary code

invite messages

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y and certain demo products for AppEngine allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.

Affected configurations

NVD

Node

dynamicsoftappengine

CPENameOperatorVersion
dynamicsoft:appenginedynamicsoft appengineeq*

CPE	Name	Operator	Version
dynamicsoft:appengine	dynamicsoft appengine	eq	*

References

www.cert.org/advisories/CA-2003-06.html

www.dynamicsoft.com/support/advisory/ca-2003-06.php

www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/

www.kb.cert.org/vuls/id/528719

www.securityfocus.com/bid/6904

exchange.xforce.ibmcloud.com/vulnerabilities/11379

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2003-1111

cvelist1 nvd1 cisco1