VAR-200708-0292
Vulnerability from variot - Updated: 2023-12-18 13:30The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message. \"GXV-3000是潮流科技(Grandstream)基于SIP和H.264标准的下一代高级IP视频电话. GXV-3000在处理特定的消息序列时存在漏洞,远程攻击者可能利用此漏洞导致设备不可用. 如果向GXV-3000电话发送了以下两个消息序列的话,就会导致设备拒绝服务:
X ----------------------- INVITE -------------------> GXV-3000 X <------------------ 100 Trying ----------------- GXV-3000 X <--------------- 180 Ringing ------------------- GXV-3000 X ------------- 183 Session Progress -------> GXV-3000 X <-----------RTP - FLOW ------------------------ GXV-3000 \". Grandstream GXV-3000 phones are prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause the device to accept a phone while being unable to hang up. This effectively denies service to legitimate users because further calls will not be accepted by the device. "GXV-3000 is Grandstream's next-generation advanced IP video phone based on SIP and H.264 standards. GXV-3000 has a vulnerability when processing a specific message sequence.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: Grandstream GXV3000 Eavesdropping and Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA26568
VERIFY ADVISORY: http://secunia.com/advisories/26568/
CRITICAL: Moderately critical
IMPACT: Security Bypass, Exposure of sensitive information, DoS
WHERE:
From remote
OPERATING SYSTEM: Grandstream GXV3000 IP Video Phone http://secunia.com/product/15436/
DESCRIPTION: A vulnerability has been reported in the Grandstream GXV3000 IP Video Phone, which can be exploited by malicious people to cause a DoS (Denial of Service) and eavesdrop with vulnerable devices.
The vulnerability is reported in firmware version 1.0.1.7. Other versions may also be affected.
SOLUTION: Reportedly fixed in version 1.0.1.12. Contact the vendor for more information.
PROVIDED AND/OR DISCOVERED BY: Humberto J. Abdelnur, Radu State, and Olivier Festor
ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200708-0292",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sip phone",
"scope": "eq",
"trust": 1.6,
"vendor": "grandstream",
"version": "gxv-3000"
},
{
"model": "sip phone",
"scope": "eq",
"trust": 0.8,
"vendor": "grandstream",
"version": "gxv-3000 boot 1.0.0.18"
},
{
"model": "sip phone",
"scope": "eq",
"trust": 0.8,
"vendor": "grandstream",
"version": "loader 1.0.0.6"
},
{
"model": "sip phone",
"scope": "eq",
"trust": 0.8,
"vendor": "grandstream",
"version": "firmware 1.0.1.7"
},
{
"model": "gxv-3000",
"scope": "eq",
"trust": 0.3,
"vendor": "grandstream",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "25399"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:grandstream:sip_phone:gxv-3000:1.0.0.18_boot:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:grandstream:sip_phone:gxv-3000:1.0.0.6_loader:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:grandstream:sip_phone:gxv-3000:1.0.1.7_firmware:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-4498"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Radu State\u203b state@loria.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
],
"trust": 0.6
},
"cve": "CVE-2007-4498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 7.8,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-4498",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-27860",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-4498",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-394",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-27860",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27860"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone\u0027s local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain \"SIP/2.0 183 Session Progress\" message. \\\"GXV-3000\u662f\u6f6e\u6d41\u79d1\u6280(Grandstream)\u57fa\u4e8eSIP\u548cH.264\u6807\u51c6\u7684\u4e0b\u4e00\u4ee3\u9ad8\u7ea7IP\u89c6\u9891\u7535\u8bdd. \nGXV-3000\u5728\u5904\u7406\u7279\u5b9a\u7684\u6d88\u606f\u5e8f\u5217\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u8bbe\u5907\u4e0d\u53ef\u7528. \n\u5982\u679c\u5411GXV-3000\u7535\u8bdd\u53d1\u9001\u4e86\u4ee5\u4e0b\u4e24\u4e2a\u6d88\u606f\u5e8f\u5217\u7684\u8bdd\uff0c\u5c31\u4f1a\u5bfc\u81f4\u8bbe\u5907\u62d2\u7edd\u670d\u52a1\uff1a\n\nX ----------------------- INVITE -------------------\uff1e GXV-3000\nX \uff1c------------------ 100 Trying ----------------- GXV-3000\nX \uff1c--------------- 180 Ringing ------------------- GXV-3000\nX ------------- 183 Session Progress -------\uff1e GXV-3000\nX \uff1c-----------RTP - FLOW ------------------------ GXV-3000\n\\\". Grandstream GXV-3000 phones are prone to a remote denial-of-service vulnerability. \nExploiting this issue allows remote attackers to cause the device to accept a phone while being unable to hang up. This effectively denies service to legitimate users because further calls will not be accepted by the device. \"GXV-3000 is Grandstream\u0027s next-generation advanced IP video phone based on SIP and H.264 standards. GXV-3000 has a vulnerability when processing a specific message sequence. \n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nGrandstream GXV3000 Eavesdropping and Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA26568\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26568/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass, Exposure of sensitive information, DoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nGrandstream GXV3000 IP Video Phone\nhttp://secunia.com/product/15436/\n\nDESCRIPTION:\nA vulnerability has been reported in the Grandstream GXV3000 IP Video\nPhone, which can be exploited by malicious people to cause a DoS\n(Denial of Service) and eavesdrop with vulnerable devices. \n\nThe vulnerability is reported in firmware version 1.0.1.7. Other\nversions may also be affected. \n\nSOLUTION:\nReportedly fixed in version 1.0.1.12. Contact the vendor for more\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\nHumberto J. Abdelnur, Radu State, and Olivier Festor\n\nORIGINAL ADVISORY:\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
},
{
"db": "BID",
"id": "25399"
},
{
"db": "VULHUB",
"id": "VHN-27860"
},
{
"db": "PACKETSTORM",
"id": "58842"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-27860",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27860"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-4498",
"trust": 2.8
},
{
"db": "BID",
"id": "25399",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26568",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "40185",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3059",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018598",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2970",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547",
"trust": 0.8
},
{
"db": "XF",
"id": "36170",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20070822 REMOTE EAVESDROPPING WITH SIP PHONE GXV-3000",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-83900",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "30517",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-27860",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58842",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27860"
},
{
"db": "BID",
"id": "25399"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "PACKETSTORM",
"id": "58842"
},
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"id": "VAR-200708-0292",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-27860"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:30:37.378000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.grandstream.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-4498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-august/065417.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25399"
},
{
"trust": 1.7,
"url": "http://osvdb.org/40185"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018598"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26568"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3059"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2970"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36170"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4498"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4498"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/36170"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2970"
},
{
"trust": 0.3,
"url": "http://www.grandstream.com/gxv3000.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/15436/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26568/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27860"
},
{
"db": "BID",
"id": "25399"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "PACKETSTORM",
"id": "58842"
},
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-27860"
},
{
"db": "BID",
"id": "25399"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"db": "PACKETSTORM",
"id": "58842"
},
{
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-27860"
},
{
"date": "2007-08-22T00:00:00",
"db": "BID",
"id": "25399"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"date": "2007-08-25T19:10:39",
"db": "PACKETSTORM",
"id": "58842"
},
{
"date": "2007-08-23T19:17:00",
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"date": "2007-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-27860"
},
{
"date": "2015-05-07T17:35:00",
"db": "BID",
"id": "25399"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002547"
},
{
"date": "2017-07-29T01:32:58.647000",
"db": "NVD",
"id": "CVE-2007-4498"
},
{
"date": "2007-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Grandstream SIP Phone GXV 3000 Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002547"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "25399"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-394"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…