1. CVE-Search
  2. CVE-2007-3318
ID CVE-2007-3318
Summary Buffer overflow in the Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and earlier allows remote attackers to cause a denial of service (call reception outage) via a malformed SIP message. The vendor recommends to open a ticket with Avaya Services to obtain a patch.
References
Vulnerable Configurations
  • cpe:2.3:a:avaya:one-x:*:*:desktop:*:*:*:*:*
    cpe:2.3:a:avaya:one-x:*:*:desktop:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 24530
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-241.htm
misc http://www.sipera.com/index.php?action=resources,threat_advisory&tid=295&
osvdb 38114
secunia 25727
xf
  • avaya-onex-sipuac-dos(34952)
  • avaya-sipmessage-dos(35072)
Last major update 29-07-2017 - 01:32
Published 21-06-2007 - 18:30
Last modified 29-07-2017 - 01:32
Back to Top