CVE-2007-4295
published 2007-08-09CVE-2007-4295: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios_and_cisco_unified_communications_manager | — | — |
GHSA
GHSA-vf5q-3rgp-67xj: Unspecified vulnerability in Cisco IOS 12
ghsa_unreviewed·2022-05-01
CVE-2007-4295 [MEDIUM] GHSA-vf5q-3rgp-67xj: Unspecified vulnerability in Cisco IOS 12
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
Cisco
Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
vendor_cisco·2007-08-08·CVSS 10.0
CVE-2007-4291 [CRITICAL] CWE-399 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
Multiple voice-related vulnerabilities are identified in Cisco IOS
software, one of which is also shared with Cisco Unified Communications
Manager. These vulnerabilities pertain to the following protocols or features:
Session Initiation Protocol (SIP)
Media Gateway Control Protocol (MGCP)
Signaling protocols H.323, H.254
Real-time Transport Protocol (RTP)
Facsimile reception
Cisco has made free software available to address these
vulnerabilities for affected customers. Fixed Cisco IOS software listed in the
Software Versions and Fixes section contains fixes for all
vulnerabilities mentioned in this advisory.
There are no workarounds available to mitigate the effects of any of
the vulnerabilities apart from
Cisco
Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
vendor_cisco
CVE-2007-4295 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
CVE-2007-4295: Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
Multiple voice-related vulnerabilities are identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities pertain to the following protocols or features: Session Initiation Protocol (SIP) Media Gateway Control Protocol (MGCP) Signaling protocols H.323, H.254 Real-time Transport Protocol (RTP) Facsimile reception Cisco has made free software available to address these vulnerabilities for affected customers. Fixed Cisco IOS software listed in the Software Versions and Fixes section contains fixes for all vulnerabilities mentioned in this advisory. There are no
CWE: CWE-399, CWE-94, CWE-399, CWE-94
Bug IDs: CSCeb21064, CSCsb24007, CSCsc6024
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/36667http://secunia.com/advisories/26363http://securitytracker.com/id?1018533http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtmlhttp://www.securityfocus.com/bid/25239http://www.vupen.com/english/advisories/2007/2816https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075http://osvdb.org/36667http://secunia.com/advisories/26363http://securitytracker.com/id?1018533http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtmlhttp://www.securityfocus.com/bid/25239http://www.vupen.com/english/advisories/2007/2816https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075
2007-08-09
Published