Avaya: >> Ip Soft Phone >> 6.0 Security Vulnerabilities
Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote attackers to cause a denial of service (crash) via a large amount of H.323 data.
CVSS Score
5.0
EPSS Score
0.012
Published
2009-02-14
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.025
Published
2007-09-19
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
CVSS Score
5.0
EPSS Score
0.038
Published
2005-03-14