CVE-2007-5640

Published: Oct 23, 2007Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.

Affected (16)

Products: Nortel: Business Communications Manager, Centrex Ip Client Manager, Centrex Ip Element Manager, Meridian Option 11c, Meridian Option 51c, Meridian Option 61c, Meridian Option 81c, Meridian Sl100, Mobile Voice Client 2050

Nortel

9 products

Business Communications Manager

Centrex Ip Client Manager

Centrex Ip Element Manager

Mobile Voice Client 2050

Configuration A

16 vulnerable · 20 platform

Vulnerable Software	Affected Versions
Nortel Business Communications Manager	Version 1000
Nortel Business Communications Manager	Version 200
Nortel Business Communications Manager	Version 400
Nortel Business Communications Manager	Version 50
Nortel Business Communications Manager	Version 50a
Nortel Business Communications Manager	Version 50e
Nortel Business Communications Manager	Version srg200
Nortel Business Communications Manager	Version srg50
Nortel Centrex Ip Client Manager	All versions
Nortel Centrex Ip Element Manager	All versions
Nortel Meridian Option 11c	All versions
Nortel Meridian Option 51c	All versions
Nortel Meridian Option 61c	All versions
Nortel Meridian Option 81c	All versions
Nortel Meridian Sl100	Version cs2100
Nortel Mobile Voice Client 2050	All versions

Running on/with	Platform Versions
Nortel Multimedia Communication Server 5100	All versions
Nortel Multimedia Communication Server 5200	All versions
Nortel Communications Server	Version 1000e
Nortel Communications Server	Version 1000m
Nortel Communications Server	Version 1000s
Nortel Communications Server	Version 2100
Nortel Ip Audio Conference Phone 2033	All versions
Nortel Ip Phone 1110	All versions
Nortel Ip Phone 1120e	All versions
Nortel Ip Phone 1140e	All versions
Nortel Ip Phone 1150e	All versions
Nortel Ip Phone 2001	All versions
Nortel Ip Phone 2002	All versions
Nortel Ip Phone 2004	All versions
Nortel Ip Phone 2007	All versions
Nortel Wlan Handset 2210	All versions
Nortel Wlan Handset 2211	All versions
Nortel Wlan Handset 2212	All versions
Nortel Wlan Handset 6120	All versions
Nortel Wlan Handset 6140	All versions