CVE-2007-3351

Name of the Vulnerable Software and Affected Versions SJPhone SIP soft phone version 1.60.303c

Description The issue allows remote attackers to cause a denial of service, resulting in device hang and traffic amplification, via a direct crafted INVITE transaction. This transaction causes the phone to transmit many RTP packets.

Recommendations For SJPhone SIP soft phone version 1.60.303c, consider disabling the handling of direct INVITE transactions as a temporary workaround until a patch is available. Restrict access to the phone's SIP functionality to minimize the risk of exploitation.