Vulnerability Description
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Ip Phone | 7906g |
| Cisco | Skinny Client Control Protocol \(Sccp\) Firmware | All versions |
| Cisco | Session Initiation Protocol \(Sip\) Firmware | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/28935Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.sPatch
- http://www.securityfocus.com/bid/27774
- http://www.securitytracker.com/id?1019409
- http://www.vupen.com/english/advisories/2008/0543
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40492
- http://secunia.com/advisories/28935Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.sPatch
- http://www.securityfocus.com/bid/27774
- http://www.securitytracker.com/id?1019409
- http://www.vupen.com/english/advisories/2008/0543
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40492
FAQ
What is CVE-2008-0528?
CVE-2008-0528 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data.
How severe is CVE-2008-0528?
CVE-2008-0528 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0528?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phone, Cisco Skinny Client Control Protocol \(Sccp\) Firmware, Cisco Session Initiation Protocol \(Sip\) Firmware.