CVE-2007-5636

Name of the Vulnerable Software and Affected Versions Nortel UNIStim IP Softphone 2050

Description The issue is related to a buffer overflow that can be triggered by sending a flood of invalid characters to the RTCP port (5678/udp), potentially causing a denial of service (application abort) and possibly allowing the execution of arbitrary code. This is sometimes referred to as "extraneous messaging."

Recommendations For Nortel UNIStim IP Softphone 2050, as a temporary workaround, consider restricting access to the RTCP port (5678/udp) to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.