Vulnerabilities (CVE)

Filtered by vendor Nortel Subscribe
Filtered by product Ip Softphone 2050
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5639 1 Nortel 15 Ip Audio Conference Phone 2033, Ip Phone 1110, Ip Phone 1120e and 12 more 2024-11-21 7.1 HIGH N/A
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.
CVE-2007-5636 1 Nortel 1 Ip Softphone 2050 2024-11-21 7.5 HIGH N/A
Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka "extraneous messaging."
CVE-2004-1319 2 Microsoft, Nortel 9 Windows 2000, Windows 2003 Server, Windows 98 and 6 more 2024-11-20 5.0 MEDIUM N/A
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.
CVE-2004-1305 2 Microsoft, Nortel 19 Windows 2000, Windows 2003 Server, Windows 98 and 16 more 2024-11-20 5.0 MEDIUM N/A
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.
CVE-2004-0839 3 Avaya, Microsoft, Nortel 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more 2024-11-20 5.0 MEDIUM N/A
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".