Lucene search

MitreCVE-2005-4466

HistoryDec 22, 2005 - 12:03 a.m.

CVE-2005-4466

2005-12-2200:03:00

mitre

web.nvd.nist.gov

buffer overflow

sipproxy

i3sipmsg.dll

denial of service

remote attackers

arbitrary code

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

High

EPSS

0.272

Percentile

96.8%

JSON

Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters.

Affected configurations

Nvd

Node

interactive_intelligenceinteraction_sip_proxyMatch3.0.010

VendorProductVersionCPE
interactive_intelligenceinteraction_sip_proxy3.0.010cpe:2.3:a:interactive_intelligence:interaction_sip_proxy:3.0.010:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
interactive_intelligence	interaction_sip_proxy	3.0.010	cpe:2.3:a:interactive_intelligence:interaction_sip_proxy:3.0.010:::::::*

References

secunia.com/advisories/18197

securityreason.com/securityalert/281

securitytracker.com/id?1015392

www.hat-squad.com/en/000171.html

www.securityfocus.com/archive/1/419989/100/0/threaded

www.securityfocus.com/bid/16001

www.vupen.com/english/advisories/2005/3029

exchange.xforce.ibmcloud.com/vulnerabilities/23823

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

High

EPSS

0.272

Percentile

96.8%

JSON

Related for CVE-2005-4466