Avaya: >> Ip Soft Phone >> 5.2 Security Vulnerabilities
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.025
Published
2007-09-19
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
CVSS Score
5.0
EPSS Score
0.038
Published
2005-03-14