CVE-2006-0738
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/02/2006
Last modified:
19/10/2018
Description
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service (hang) via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using (1) the field name, (2) the o field (owner/creator and session identifier), or (3) the m field (media name and transport address).
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:estara:softphone:*:*:*:*:*:*:*:* | 3.0.1.47 (including) |
To consult the complete list of CPE names with products and versions, see this page