CVE-2008-4444

Cisco Unified IP Phone 7940G and 7960G - Denial of Service or Remote Code Execution via Malformed RTP Packet Headers

Title source: llm
STIX 2.1

Description

Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47948
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4917
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33264
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500059/100/0/threaded

Scores

EPSS 0.0260
EPSS Percentile 83.5%

Details

CWE
CWE-20
Status published
Products (2)
cisco/unified_ip_phone_7940g
cisco/unified_ip_phone_7960g
Published Jan 16, 2009
Tracked Since Feb 18, 2026