The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/3273 - | |
References | () http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654715 - Patch | |
References | () http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_flooding_denial_of_service_v1.0.txt - Exploit | |
References | () http://www.securityfocus.com/archive/1/482480/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/26122 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/37253 - |
Information
Published : 2007-10-23 17:46
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5639
Mitre link : CVE-2007-5639
CVE.ORG link : CVE-2007-5639
JSON object : View
Products Affected
nortel
- ip_phone_1120e
- ip_audio_conference_phone_2033
- ip_phone_1110
- ip_phone_2002
- wlan_handset_6140
- wlan_handset_6120
- mobile_voice_client_2050
- ip_phone_1140e
- ip_phone_1150e
- ip_softphone_2050
- ip_phone_2001
- wlan_handset_2211
- wlan_handset_2210
- ip_phone_2004
- wlan_handset_2212
CWE