CVE-2002-0882

Name of the Vulnerable Software and Affected Versions: Cisco IP Phone versions of models 7910, 7940, and 7960

Description: The issue allows remote attackers to cause a denial of service, potentially leading to a reset, and may also enable the reading of sensitive memory. This can be achieved by providing a large integer value in either the stream ID of the "StreamingStatistics" script or the port ID of the "PortInformation" script.

Recommendations: For Cisco IP Phone models 7910, 7940, and 7960, consider restricting access to the StreamingStatistics and PortInformation scripts as a temporary workaround until a patch is available. Avoid using large integer values in the stream ID and port ID parameters to minimize the risk of exploitation.