CVE-2006-0189

Name of the Vulnerable Software and Affected Versions eStara Softphone versions 3.0.1.14 through 3.0.1.46

Description The issue allows remote attackers to execute arbitrary code via a long attribute field in the SDP data of a SIP packet on UDP port 5060. This is due to a buffer overflow.

Recommendations For versions 3.0.1.14 through 3.0.1.46, consider restricting access to UDP port 5060 to minimize the risk of exploitation. As a temporary workaround, avoid using long attribute fields in the SDP data of SIP packets until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.