Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.
References
Link | Resource |
---|---|
http://www.atstake.com/research/advisories/2002/a071202-1.txt | Broken Link |
http://www.iss.net/security_center/static/9566.php | Broken Link |
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp | Broken Link Vendor Advisory |
http://www.securityfocus.com/bid/5224 | Broken Link Third Party Advisory VDB Entry |
http://www.atstake.com/research/advisories/2002/a071202-1.txt | Broken Link |
http://www.iss.net/security_center/static/9566.php | Broken Link |
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp | Broken Link Vendor Advisory |
http://www.securityfocus.com/bid/5224 | Broken Link Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Nov 2024, 23:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.atstake.com/research/advisories/2002/a071202-1.txt - Broken Link | |
References | () http://www.iss.net/security_center/static/9566.php - Broken Link | |
References | () http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp - Broken Link, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/5224 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2002-07-23 04:00
Updated : 2024-11-20 23:39
NVD link : CVE-2002-0671
Mitre link : CVE-2002-0671
CVE.ORG link : CVE-2002-0671
JSON object : View
Products Affected
pingtel
- xpressa_firmware
- xpressa
CWE
CWE-494
Download of Code Without Integrity Check