CVE-2007-3286

Avaya IP Softphone <5.2 and R6.0 - Remote Code Execution via ActiveX Control Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38258
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25707

Scores

EPSS 0.0249
EPSS Percentile 82.8%

Details

CWE
CWE-119
Status published
Products (2)
avaya/ip_soft_phone 6.0
avaya/ip_soft_phone < 5.2
Published Sep 19, 2007
Tracked Since Feb 18, 2026