ID

VAR-200706-0512


CVE

CVE-2007-3441


TITLE

Aastra 9112i SIP Phone Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002246

DESCRIPTION

Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow calling) via format string specifiers in an SDP header value, a different vulnerability than CVE-2007-3349. Aastra 9112i SIP Phone There is a service disruption ( Call rejection and delayed call ) There is a vulnerability that becomes a condition

Trust: 1.98

sources: NVD: CVE-2007-3441 // JVNDB: JVNDB-2007-002246 // BID: 85631 // VULHUB: VHN-26803

AFFECTED PRODUCTS

vendor:aastra telecommodel:9112i sip phonescope:eqversion:firmware_1.4.0.1048

Trust: 1.6

vendor:aastra telecommodel:9112i sip phonescope:eqversion:1.4.0.1048 and boot version 1.1.0.10

Trust: 0.8

vendor:aastramodel:telecom 9112i sip phonescope:eqversion:1.4.0.1048

Trust: 0.3

sources: BID: 85631 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-3441
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-3441
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200706-446
value: MEDIUM

Trust: 0.6

VULHUB: VHN-26803
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-3441
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-26803
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-26803 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3441

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200706-446

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-200706-446

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002246

PATCH

title:Top Pageurl:http://www.aastratelecom.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-002246

EXTERNAL IDS

db:NVDid:CVE-2007-3441

Trust: 2.8

db:OSVDBid:45403

Trust: 1.7

db:XFid:35079

Trust: 0.9

db:JVNDBid:JVNDB-2007-002246

Trust: 0.8

db:CNNVDid:CNNVD-200706-446

Trust: 0.7

db:BIDid:85631

Trust: 0.4

db:VULHUBid:VHN-26803

Trust: 0.1

sources: VULHUB: VHN-26803 // BID: 85631 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

REFERENCES

url:http://osvdb.org/45403

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35079

Trust: 1.1

url:http://www.sipera.com/index.php?action=resources%2cthreat_advisory&tid=278&

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/35079

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3441

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3441

Trust: 0.8

url:http://www.sipera.com/index.php?action=resources,threat_advisory&tid=278&

Trust: 0.6

url:http://www.sipera.com/index.php?action=resources,threat_advisory&tid=278&

Trust: 0.1

sources: VULHUB: VHN-26803 // BID: 85631 // JVNDB: JVNDB-2007-002246 // CNNVD: CNNVD-200706-446 // NVD: CVE-2007-3441

CREDITS

Unknown

Trust: 0.3

sources: BID: 85631

SOURCES

db:VULHUBid:VHN-26803
db:BIDid:85631
db:JVNDBid:JVNDB-2007-002246
db:CNNVDid:CNNVD-200706-446
db:NVDid:CVE-2007-3441

LAST UPDATE DATE

2025-04-10T23:21:45.670000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-26803date:2017-07-29T00:00:00
db:BIDid:85631date:2007-06-26T00:00:00
db:JVNDBid:JVNDB-2007-002246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-446date:2007-06-29T00:00:00
db:NVDid:CVE-2007-3441date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:VULHUBid:VHN-26803date:2007-06-27T00:00:00
db:BIDid:85631date:2007-06-26T00:00:00
db:JVNDBid:JVNDB-2007-002246date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200706-446date:2007-06-26T00:00:00
db:NVDid:CVE-2007-3441date:2007-06-27T00:30:00