Vulnerability Description
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Polycom | Soundpoint Ip 601 | 1.6.3.0067_bootrom_3.0.0 |
Related Weaknesses (CWE)
References
- http://knowledgebase.polycom.com/KanisaPlatform/Publishing/927/11898_f.SAL_PUBLI
- http://osvdb.org/37610
- http://secunia.com/advisories/25780Vendor Advisory
- http://www.polycom.com/common/pw_item_show_doc/1%2C%2C7482%2C00.pdf
- http://www.securityfocus.com/bid/24542
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=272&
- http://www.vupen.com/english/advisories/2007/2329
- http://knowledgebase.polycom.com/KanisaPlatform/Publishing/927/11898_f.SAL_PUBLI
- http://osvdb.org/37610
- http://secunia.com/advisories/25780Vendor Advisory
- http://www.polycom.com/common/pw_item_show_doc/1%2C%2C7482%2C00.pdf
- http://www.securityfocus.com/bid/24542
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=272&
- http://www.vupen.com/english/advisories/2007/2329
FAQ
What is CVE-2007-3369?
CVE-2007-3369 is a vulnerability with a CVSS score of 7.8 (HIGH). Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE mes...
How severe is CVE-2007-3369?
CVE-2007-3369 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3369?
Check the references section above for vendor advisories and patch information. Affected products include: Polycom Soundpoint Ip 601.