Denial of Service Vulnerability in Cisco Unified IP Phones
CVE-2008-4444

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phone 7940g; Unified Ip Phone 7960g
Vendor: CVE Published:; 16 January 2009

Summary

Cisco Unified IP Phones, specifically the 7960G and 7940G models, are susceptible to a Denial of Service attack that can be initiated remotely. This vulnerability arises when an attacker sends a malformed Real-time Transport Protocol (RTP) packet, prompting the device to reboot or potentially execute arbitrary code. The issue is present in firmware versions P0S3-08-9-00 and possibly earlier releases, making it critical for users to ensure they use the latest firmware to mitigate risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47948

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/4917

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/33264

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jan 16, 2009
Vulnerability Reserved
Oct 3, 2008