PT-2007-5904 · Thomson · Thomson St 2030 Sip Phone

Published

2007-09-08

Updated

2017-07-29

CVE-2007-4753

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Thomson ST 2030 SIP phone version 1.52.1

Description: The issue allows remote attackers to cause a denial of service, resulting in the device hanging. This can be achieved through two different vectors: (1) an empty SIP message or (2) a SIP INVITE message with a malformed To header.

Recommendations: For Thomson ST 2030 SIP phone version 1.52.1, consider restricting access to the SIP protocol until a patch is available. As a temporary workaround, avoid using the SIP INVITE message with a malformed To header to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4753

Affected Products

Thomson St 2030 Sip Phone

PT-2007-5904 · Thomson · Thomson St 2030 Sip Phone

CVE-2007-4753

Related Identifiers

Affected Products

References · 8