CVE-2009-3704

EUVD-2009-3677
ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, allows remote attackers to cause a denial of service (crash) via a SIP INVITE request with an empty Call-Info header.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
zoiperzoiper
𝑥
≤ 2.22
zoiperzoiper
2.0
zoiperzoiper
2.10
zoiperzoiper
2.11
𝑥
= Vulnerable software versions
References
http://packetstormsecurity.org/0910-exploits/zoiper_dos.py.txt
http://secunia.com/advisories/37015
https://exchange.xforce.ibmcloud.com/vulnerabilities/53792
http://packetstormsecurity.org/0910-exploits/zoiper_dos.py.txt
http://secunia.com/advisories/37015
https://exchange.xforce.ibmcloud.com/vulnerabilities/53792