CVE-2008-4444
Cisco Unified IP Phone 7940G and 7960G - Denial of Service or Remote Code Execution via Malformed RTP Packet Headers
Title source: llmDescription
Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.
References (5)
Core 5
Core References
Release Notes x_refsource_confirm
http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7960g_7940g/firmware/sip/8_10/english/release/notes/796040sip_810.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47948
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4917
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/33264
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500059/100/0/threaded
Scores
EPSS
0.0260
EPSS Percentile
83.5%
Details
CWE
CWE-20
Status
published
Products (2)
cisco/unified_ip_phone_7940g
cisco/unified_ip_phone_7960g
Published
Jan 16, 2009
Tracked Since
Feb 18, 2026