1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA32206

Avaya IP Softphone H.323 Denial of Service Vulnerability

Report ID: SA32206
Source: Secunia
Date of Discovery: 09.10.2008
Criticality: Moderate
Affects:
Avaya IP Softphone 6.x
Compromise From: From remote
Compromise Type: DoS

Summary

A vulnerability has been reported in Avaya IP Softphone, which can be exploited by malicious people to cause a DoS (Denial of Service).

Detailed Description

A vulnerability has been reported in Avaya IP Softphone, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling overly large amounts of H.323 data and can be exploited to cause a DoS.

The vulnerability is reported in version 6.01.85. Other versions may also be affected.

Solution

The vendor recommends that local and network access to the affected systems be restricted until an update is available.