PT-2002-2628 · Polycom · Polycom Viavideo

Published

2002-12-31

Updated

2008-09-05

CVE-2002-1906

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Polycom ViaVideo versions 2.2 through 3.0

Description The issue allows remote attackers to cause a denial of service by consuming CPU resources. This is achieved by sending incomplete HTTP requests and leaving the connections open.

Recommendations For Polycom ViaVideo versions 2.2 through 3.0, consider restricting access to the web server to minimize the risk of exploitation. As a temporary workaround, implement measures to limit the number of open connections to the web server until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1906

Affected Products

Polycom Viavideo

PT-2002-2628 · Polycom · Polycom Viavideo

CVE-2002-1906

Related Identifiers

Affected Products

References · 6