CVE-2007-4292

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.0 through 12.4

Description The issue concerns multiple memory leaks and voice-related vulnerabilities in Cisco IOS software, affecting various protocols such as Session Initiation Protocol (SIP), Media Gateway Control Protocol (MGCP), H.323, H.254, and Real-time Transport Protocol (RTP). These vulnerabilities can be exploited by remote attackers to cause a denial of service, potentially leading to a device crash via a malformed SIP packet. The estimated number of potentially affected devices and real-world incidents are not specified.

Recommendations For Cisco IOS versions 12.0 through 12.4, update to a fixed version of Cisco IOS software that contains fixes for all mentioned vulnerabilities. As a temporary workaround, consider disabling the affected protocols or features, such as SIP, MGCP, H.323, H.254, and RTP, until a patch is available.