CVE-2007-4366

Name of the Vulnerable Software and Affected Versions WengoPhone version 2.1

Description The issue allows remote attackers to cause a denial of service, resulting in a device crash. This can be achieved by sending a SIP INVITE message without a Content-Type header.

Recommendations For WengoPhone version 2.1, consider implementing validation for SIP INVITE messages to ensure they contain a Content-Type header, or apply a patch if one becomes available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.