CVE-2007-3317

Published: Jun 21, 2007Modified: Apr 23, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

The Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and earlier allows remote attackers to cause a denial of service (device crash) via a malformed SIP message.

Affected (1)

Products: Avaya: One X

Avaya

1 product

One X

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Avaya One X	Up to 2.1.0.70

References (12)

http://osvdb.org/38113

Source: cve@mitre.org

http://secunia.com/advisories/25727

Source: cve@mitre.org

Vendor Advisory

http://support.avaya.com/elmodocs2/security/ASA-2007-241.htm

Source: cve@mitre.org

http://www.securityfocus.com/bid/24541

Source: cve@mitre.org

Patch

http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=296&

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34952

Source: cve@mitre.org

http://osvdb.org/38113