CVE-2007-3286
Avaya IP Softphone <5.2 and R6.0 - Remote Code Execution via ActiveX Control Buffer Overflow
Title source: llmDescription
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38258
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-314.htm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25707
Scores
EPSS
0.0249
EPSS Percentile
82.8%
Details
CWE
CWE-119
Status
published
Products (2)
avaya/ip_soft_phone
6.0
avaya/ip_soft_phone
< 5.2
Published
Sep 19, 2007
Tracked Since
Feb 18, 2026