CVE-2007-5639
Summary
| CVE | CVE-2007-5639 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-23 17:46:00 UTC |
| Updated | 2018-10-15 21:45:00 UTC |
| Description | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Nortel | Ip Audio Conference Phone 2033 | All | All | All | All |
| Hardware | Nortel | Ip Audio Conference Phone 2033 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1110 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1110 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1120e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1120e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1140e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1140e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1150e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1150e | All | All | All | All |
| Hardware | Nortel | Ip Phone 2001 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2001 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2002 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2002 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2004 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2004 | All | All | All | All |
| Application | Nortel | Ip Softphone 2050 | All | All | All | All |
| Application | Nortel | Ip Softphone 2050 | All | All | All | All |
| Application | Nortel | Mobile Voice Client 2050 | All | All | All | All |
| Application | Nortel | Mobile Voice Client 2050 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2210 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2210 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2211 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2211 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2212 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2212 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6120 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6120 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6140 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6140 | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 - Compass Security AG | MISC | www.csnc.ch | Exploit |
| Nortel IP Phones UNIStim Messages Denial of Service Vulnerability | BID | www.securityfocus.com | Patch |
| CXSecurity - IDS | SREASON | securityreason.com | |
| Nortel: Technical Support: Potential DoS Vulnerability - IP Phone Freeze to Offline State | CONFIRM | support.nortel.com | Patch |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.