Vulnerabilities > Cisco > Voip Phone CP 7940 > 3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-08-21 | CVE-2007-4459 | Improper Input Validation vulnerability in Cisco Voip Phone Cp-7940 and Voip Phone Cp-7960 Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages. | 7.1 |
| 2002-10-04 | CVE-2002-0882 | Denial Of Service vulnerability in Cisco products The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. | 6.4 |
| 2002-10-04 | CVE-2002-0881 | Unspecified vulnerability in Cisco products Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | 2.1 |
| 2002-10-04 | CVE-2002-0880 | Denial-Of-Service vulnerability in Cisco products Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2." | 5.0 |