Lucene search

MitreCVE-2007-3369

HistoryJun 22, 2007 - 6:30 p.m.

CVE-2007-3369

2007-06-2218:30:00

CWE-119

mitre

web.nvd.nist.gov

buffer overflow

polycom soundpoint ip 601

sip phone

denial of service

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.047

Percentile

92.8%

JSON

Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.

Affected configurations

Nvd

Node

polycomsoundpoint_ip_601Match1.6.3.0067_bootrom_3.0.0

VendorProductVersionCPE
polycomsoundpoint_ip_6011.6.3.0067_bootrom_3.0.0cpe:2.3:h:polycom:soundpoint_ip_601:1.6.3.0067_bootrom_3.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
polycom	soundpoint_ip_601	1.6.3.0067_bootrom_3.0.0	cpe:2.3:h:polycom:soundpoint_ip_601:1.6.3.0067_bootrom_3.0.0:::::::*

References

knowledgebase.polycom.com/KanisaPlatform/Publishing/927/11898_f.SAL_PUBLIC_1_2.html

osvdb.org/37610

secunia.com/advisories/25780

www.polycom.com/common/pw_item_show_doc/1%2C%2C7482%2C00.pdf

www.securityfocus.com/bid/24542

www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=272&

www.vupen.com/english/advisories/2007/2329

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.047

Percentile

92.8%

JSON

Related for CVE-2007-3369