2 results (0.025 seconds)

CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0

Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service (blocked call reception and calling) via format string specifiers in an SIP INVITE message that lacks a host name in the Contact header. Vulnerabilidad de cadena de formato en Research de Motion BlackBerry 7270 anterior a 4.0 SP1 Bundle 108 permite a atacantes remotos provocar una denegación de servicio (recepción y establecimiento de llamadas bloqueadas) mediante especificadores de formato en un mensaje SIP INVITE que carece de un nombre de host en la cabecera Contact. • http://osvdb.org/37646 http://secunia.com/advisories/25824 http://www.blackberry.com/btsc/articles/218/KB12707_f.SAL_Public.html http://www.kb.cert.org/vuls/id/619465 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=208& https://exchange.xforce.ibmcloud.com/vulnerabilities/35077 •

CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0

The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered. The Research en Motion BlackBerry 7270 anterior a 4.0 SP1 Bundle 108 no maneja adecuadamente los estados de las transacciones, lo cual permite a atacantes remotos provocar una denegación de servicio (cuelgue temporal del dispositivo) enviando cierto mensaje SIP INVITE, pero que no proporciona un ACK cuando la llamada es contestada. • http://osvdb.org/37647 http://secunia.com/advisories/25824 http://www.blackberry.com/btsc/articles/220/KB12705_f.SAL_Public.html http://www.kb.cert.org/vuls/id/324841 http://www.securityfocus.com/bid/24545 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=213& https://exchange.xforce.ibmcloud.com/vulnerabilities/35075 •