Privilege Escalation and Denial of Service in Cisco Unified IP Phones
CVE-2007-1072

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phone Firmware 7906g
Vendor: CVE Published:; 22 February 2007

Summary

The command line interface (CLI) in various models of Cisco Unified IP Phones allows local users to exploit vulnerabilities that may lead to privilege escalation or cause a denial of service. This risk is tied to firmware versions 8.0(4)SR1 and earlier. Notably, certain attack vectors may enable remote exploitation when combined with related vulnerabilities, highlighting the need for vigilance in firmware updates and security practices.

References

http://www.cisco.com/warp/public/707/cisco-air-20070221-p...

vendor-advisoryx_refsource_CISCO

http://www.cisco.com/warp/public/707/cisco-sa-20070221-ph...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/24262

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 22, 2007
Vulnerability Reserved
Feb 22, 2007