CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0671

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile17.16th
PublishedJul 23, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.

Affected Platforms (CPE)

πŸ’»
Pingtel

Xpressa Firmware

= 1.2.5
πŸ’»
Pingtel

Xpressa Firmware

= 1.2.7.4

References & Advisories

πŸ”— http://www.atstake.com/research/advisories/2002/a071202-1.txt
πŸ”— http://www.iss.net/security_center/static/9566.php
πŸ”— http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
πŸ”— http://www.securityfocus.com/bid/5224
πŸ”— http://www.atstake.com/research/advisories/2002/a071202-1.txt
πŸ”— http://www.iss.net/security_center/static/9566.php
πŸ”— http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
πŸ”— http://www.securityfocus.com/bid/5224

Related Vulnerabilities

CVE-2004-16805.0

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of s...

CVE-2002-06754.6

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmwa...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...