Vulnerabilities > Nortel > IP Softphone 2050 > High

DATE CVE VULNERABILITY TITLE RISK
2007-10-23 CVE-2007-5639 Denial of Service vulnerability in Nortel IP Phones UNIStim Messages
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.
network
nortel
7.1
2007-10-23 CVE-2007-5636 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nortel IP Softphone 2050
Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka "extraneous messaging."
network
low complexity
nortel CWE-119
7.5