1. Home
  2. CVE Database
  3. CVE-2008-0530
HIGH · 10.0

CVE-2008-0530

Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response.

Vulnerability Description

Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoUnified Ip Phone7906g
CiscoSkinny Client Control Protocol \(Sccp\) FirmwareAll versions
CiscoSession Initiation Protocol \(Sip\) FirmwareAll versions

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2008-0530?

CVE-2008-0530 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response.

How severe is CVE-2008-0530?

CVE-2008-0530 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0530?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phone, Cisco Skinny Client Control Protocol \(Sccp\) Firmware, Cisco Session Initiation Protocol \(Sip\) Firmware.