Buffer Overflow Vulnerabilities in Avaya IP Softphone Products
CVE-2007-3286

Currently unrated

Key Information:

Vendor: Avaya
Status: Ip Soft Phone
Vendor: CVE Published:; 19 September 2007

What is CVE-2007-3286?

Multiple buffer overflow vulnerabilities exist in unspecified ActiveX controls within COM objects for Avaya IP Softphone versions R5.2 before SP3 and R6.0. These weaknesses could allow remote attackers to execute arbitrary code by exploiting vulnerable vectors, leading to potential unauthorized actions on the affected systems.

References

http://osvdb.org/38258

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/25707

vdb-entryx_refsource_BID

http://support.avaya.com/elmodocs2/security/ASA-2007-314.htm

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2007
Vulnerability Reserved
Jun 20, 2007