Remote Eavesdropping Vulnerability in Cisco Unified IP Phones with Extension Mobility Enabled
CVE-2007-6190

Currently unrated

Key Information:

Vendor

Cisco
Status
Unified Ip Phone
Vendor
CVE Published:
30 November 2007

What is CVE-2007-6190?

A security issue in the HTTP daemon of Cisco Unified IP Phones, when paired with the Extension Mobility feature, allows remote authenticated users from other devices connected to the same Cisco Unified Communications Manager (CUCM) server to eavesdrop on surrounding audio. This is executed through a specific CiscoIPPhoneExecute message that contains a URL attribute directing to a Real-Time Transport Protocol (RTP) audio stream, potentially exposing sensitive conversations or private information to unauthorized individuals.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/26668
vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_security_res...
vendor-advisoryx_refsource_CISCO
http://securitytracker.com/id?1019006
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.