CVE-2007-4280 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2007-4280

CVE-2007-4280

August 09, 2007

The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population.

Related Resources (7)

http://www.securitytracker.com/id?1018536

https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4280

http://downloads.digium.com/pub/asa/ASA-2007-019.pdf

http://secunia.com/advisories/26340

http://www.vupen.com/english/advisories/2007/2808

https://exchange.xforce.ibmcloud.com/vulnerabilities/35870

http://www.securityfocus.com/bid/25228

Do you need more information?

CVSS v4

Base Score:

2.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

NONE

Vulnerable System Availability

LOW

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

CVSS v2

Base Score:

3.5

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

EPSS

Base Score:

2.78

Products

Solutions

Resources

Company

Compare

Developer Tools