Sign-up

ID

VAR-200706-0512


CVE

CVE-2007-3441


TITLE

Aastra 9112i SIP Phone Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002246

DESCRIPTION

Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow calling) via format string specifiers in an SDP header value, a different vulnerability than CVE-2007-3349. Aastra 9112i SIP Phone There is a service disruption ( Call rejection and delayed call ) There is a vulnerability that becomes a condition

Trust: 1.98

sources: NVD: CVE-2007-3441 // JVNDB: JVNDB-2007-002246 // BID: 85631 // VULHUB: VHN-26803

AFFECTED PRODUCTS

vendor:aastra telecommodel:9112i sip phonescope:eqversion:firmware_1.4.0.1048

Trust: 1.6

vendor:aastra telecommodel:9112i sip phonescope:eqversion:1.4.0.1048 and boot version 1.1.0.10

Trust: 0.8

vendor:aastramodel:telecom 9112i sip phonescope:eqversion:1.4.0.1048

Trust: 0.3

sources: BID: 85631 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-3441
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-3441
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200706-446
value: MEDIUM

Trust: 0.6

VULHUB: VHN-26803
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-3441
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-26803
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-26803 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3441

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200706-446

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-200706-446

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002246

PATCH
title:Top Pageurl:http://www.aastratelecom.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002246

EXTERNAL IDS
db:NVDid:CVE-2007-3441
Trust: 2.8
db:OSVDBid:45403
Trust: 1.7
db:XFid:35079
Trust: 0.9
db:JVNDBid:JVNDB-2007-002246
Trust: 0.8
db:CNNVDid:CNNVD-200706-446
Trust: 0.7
db:BIDid:85631
Trust: 0.4
db:VULHUBid:VHN-26803
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26803 // 
            
            
            
            BID: 85631 // 
            
            
            
            JVNDB: JVNDB-2007-002246 // 
            
            
            
            CNNVD: CNNVD-200706-446 // 
            
            
            
            NVD: CVE-2007-3441

REFERENCES
url:http://osvdb.org/45403
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35079
Trust: 1.1
url:http://www.sipera.com/index.php?action=resources%2cthreat_advisory&tid=278&
Trust: 1.0
url:http://xforce.iss.net/xforce/xfdb/35079
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3441
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3441
Trust: 0.8
url:http://www.sipera.com/index.php?action=resources,threat_advisory&tid=278&
Trust: 0.6
url:http://www.sipera.com/index.php?action=resources,threat_advisory&tid=278&
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26803 // 
            
            
            
            BID: 85631 // 
            
            
            
            JVNDB: JVNDB-2007-002246 // 
            
            
            
            CNNVD: CNNVD-200706-446 // 
            
            
            
            NVD: CVE-2007-3441

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85631

SOURCES
db:VULHUBid:VHN-26803
db:BIDid:85631
db:JVNDBid:JVNDB-2007-002246
db:CNNVDid:CNNVD-200706-446
db:NVDid:CVE-2007-3441

LAST UPDATE DATE
2025-04-10T23:21:45.670000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-26803date:2017-07-29T00:00:00
db:BIDid:85631date:2007-06-26T00:00:00
db:JVNDBid:JVNDB-2007-002246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-446date:2007-06-29T00:00:00
db:NVDid:CVE-2007-3441date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-26803date:2007-06-27T00:00:00
db:BIDid:85631date:2007-06-26T00:00:00
db:JVNDBid:JVNDB-2007-002246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-446date:2007-06-26T00:00:00
db:NVDid:CVE-2007-3441date:2007-06-27T00:30:00